Printing currency documents

ABSTRACT

A method of printing a security document having a security feature, the method including, receiving the security document, and encrypted identity data at least partially indicative of an identity of the security document. The identity is decrypting using a secret key associated with the public key, allowing a signature to be generated using the determined identity. The signature is a digital signature of at least part of the identity. The signature is used in generating coded data at least partially indicative of the identity of the security document and at least part of the signature. The coded data is then printed on the security document.

CROSS REFERENCE TO RELATED APPLICATION

The present application is a continuation of U.S. application Ser. No.11/041,649 filed on Jan. 25, 2005, the entire contents of which are nowincorporated by reference.

FIELD OF THE INVENTION

The present invention broadly relates to a method and apparatus for theprotection of products and security documents using machine readabletags disposed on or in a surface of the product or security document.

CROSS REFERENCE TO OTHER RELATED APPLICATIONS

The following applications have been filed by the Applicantsimultaneously with this application:

7,681,800 7,461,778 11/863,257 11/863,262 11/863,268 11/863,2697,637,419 7,676,382 7,464,879 11/863,263 7,469,819 7,484,101 7,472,2787,467,301

The disclosures of these co-pending applications are incorporated hereinby reference.

The following applications were filed by the Applicant simultaneouslywith the parent application, application Ser. No. 11/041,649:

11/041,556 11/041,580 11/041,723 11/041,698 11/041,648 11/041,60911/041,626 11/041,627 11/041,624 11/041,625 11/041,650 11/041,65111/041,652 11/041,610

The disclosures of these co-pending applications are incorporated hereinby reference.

CROSS-REFERENCES

Various methods, systems and apparatus relating to the present inventionare disclosed in the following co-pending applications and grantedpatents filed by the applicant or assignee of the present invention. Thedisclosures of all of these co-pending applications and granted patentsare incorporated herein by cross-reference.

6,795,215 10/884,881 10/296,522 09/575,109 10/296,535 6,859,2896,805,419 09/607,985 6,398,332 6,394,573 6,622,923 6,747,760 10/189,45910/943,941 10/949,294 10/727,181 10/727,162 10/727,163 10/727,24510/727,204 10/727,233 10/727,280 10/727,157 10/727,178 10/727,21010/727,257 10/727,238 10/727,251 10/727,159 10/727,180 10/727,17910/727,192 10/727,274 10/727,164 10/727,161 10/727,198 10/727,15810/754,536 10/754,938 10/727,227 10/727,160 10/934,720 10/854,52110/854,522 10/854,488 10/854,487 10/854,503 10/854,504 10/854,50910/854,510 10/854,496 10/854,497 10/854,495 10/854,498 10/854,51110/854,512 10/854,525 10/854,526 10/854,516 10/854,508 10/854,50710/854,515 10/854,506 10/854,505 10/854,493 10/854,494 10/854,48910/854,490 10/854,492 10/854,491 10/854,528 10/854,523 10/854,52710/854,524 10/854,520 10/854,514 10/854,519 10/854,513 10/854,49910/854,501 10/854,500 10/854,502 10/854,518 10/854,517 10/934,62810/728,804 10/728,952 10/728,806 10/728,834 10/729,790 10/728,88410/728,970 10/728,784 10/728,783 10/728,925 10/728,842 10/728,80310/728,780 10/728,779 10/773,189 10/773,204 10/773,198 10/773,1996,830,318 10/773,201 10/773,191 10/773,183 10/773,195 10/773,19610/773,186 10/773,200 10/773,185 10/773,192 10/773,197 10/773,20310/773,187 10/773,202 10/773,188 10/773,194 10/773,193 10/773,1846,746,105 6,623,101 6,406,129 6,505,916 6,457,809 6,550,895 6,457,8126,428,133 09/575,141 10/407,212 10/815,625 10/815,624 10/815,62809/517,539 6,566,858 09/112,762 6,331,946 6,246,970 6,442,525 09/517,38409/505,951 6,374,354 09/517,608 09/505,147 6,757,832 6,334,190 6,745,33109/517,541 10/203,559 10/203,540 10/203,564 10/636,263 10/636,28310/866,608 10/902,889 10/902,883 10/940,653 10/942,858 10/409,87610/409,848 10/409,845 09/575,197 09/575,195 09/575,159 09/575,13209/575,123 6,825,945 09/575,130 09/575,165 6,813,039 09/693,41509/575,118 6,824,044 09/608,970 09/575,131 09/575,116 6,816,27409/575,139 09/575,186 6,681,045 6,678,499 6,679,420 09/663,59909/607,852 6,728,000 09/693,219 09/575,145 09/607,656 6,813,5586,766,942 09/693,515 09/663,701 09/575,192 6,720,985 09/609,30309/610,095 09/609,596 6,847,883 09/693,647 09/721,895 09/721,89409/607,843 09/693,690 09/607,605 09/608,178 09/609,553 09/609,23309/609,149 09/608,022 09/575,181 09/722,174 09/721,896 10/291,5226,718,061 10/291,523 10/291,471 10/291,470 6,825,956 10/291,48110/291,509 10/291,825 10/291,519 10/291,575 10/291,557 6,862,10510/291,558 10/291,587 10/291,818 10/291,576 6,829,387 6,714,6786,644,545 6,609,653 6,651,879 10/291,555 10/291,510 10/291,59210/291,542 10/291,820 10/291,516 6,867,880 10/291,487 10/291,52010/291,521 10/291,556 10/291,821 10/291,525 10/291,586 10/291,82210/291,524 10/291,553 6,850,931 6,865,570 6,847,961 10/685,52310/685,583 10/685,455 10/685,584 10/757,600 10/804,034 10/793,9336,889,896 10/831,232 10/884,882 10/943,875 10/943,938 10/943,87410/943,872 10/944,044 10/943,942 10/944,043 10/949,293 10/943,87710/965,913 10/954,170 10/981,773 10/981,626 10/981,616 10/981,62710/974,730 10/986,337 10/992,713 11/006,536 11/020,256 11/020,10611/020,260 11/020,321 11/020,319 11/026,045 09/575,193 09/575,15609/609,232 09/607,844 6,457,883 09/693,593 10/743,671 11/033,37909/928,055 09/927,684 09/928,108 09/927,685 09/927,809 09/575,1836,789,194 09/575,150 6,789,191 10/900,129 10/900,127 10/913,32810/913,350 10/982,975 10/983,029 6,644,642 6,502,614 6,622,999 6,669,3856,827,116 10/933,285 10/949,307 6,549,935 09/575,187 6,727,996 6,591,8846,439,706 6,760,119 09/575,198 09/722,148 09/722,146 6,826,547 6,290,3496,428,155 6,785,016 6,831,682 6,741,871 09/722,171 09/721,858 09/722,1426,840,606 10/202,021 10/291,724 10/291,512 10/291,554 10/659,02710/659,026 10/831,242 10/884,885 10/884,883 10/901,154 10/932,04410/962,412 10/962,510 10/962,552 10/965,733 10/965,933 10/974,74210/982,974 10/983,019 10/986,375 09/693,301 6,870,966 6,822,6396,474,888 6,627,870 6,724,374 6,788,982 09/722,141 6,788,293 09/722,1476,737,591 09/722,172 09/693,514 6,792,165 09/722,088 6,795,59310/291,823 6,768,821 10/291,366 10/291,503 6,797,895 10/274,81710/782,894 10/782,895 10/778,056 10/778,058 10/778,060 10/778,05910/778,063 10/778,062 10/778,061 10/778,057 10/846,895 10/917,46810/917,467 10/917,466 10/917,465 10/917,356 10/948,169 10/948,25310/948,157 10/917,436 10/943,856 10/919,379 10/943,843 10/943,87810/943,849 10/965,751 09/575,154 09/575,129 6,830,196 6,832,71709/721,862 10/473,747 10/120,441 6,843,420 10/291,718 6,789,73110/291,543 6,766,944 6,766,945 10/291,715 10/291,559 10/291,66010/409,864 10/309,358 10/410,484 10/884,884 10/853,379 10/786,63110/853,782 10/893,372 10/893,381 10/893,382 10/893,383 10/893,38410/971,051 10/971,145 10/971,146 10/986,403 10/986,404 10/986,45910/492,169 10/492,152 10/492,168 10/492,161 10/492,154 10/502,57510/683,151 10/683,040 10/510,391 10/919,260 10/510,392 10/919,26110/778,090 09/575,189 09/575,162 09/575,172 09/575,170 09/575,17109/575,161 10/291,716 10/291,547 10/291,538 6,786,397 10/291,82710/291,548 10/291,714 10/291,544 10/291,541 6,839,053 10/291,57910/291,824 10/291,713 10/291,545 10/291,546 10/917,355 10/913,34010/940,668 11/020,160 6,593,166 10/428,823 10/849,931 10/815,62110/815,612 10/815,630 10/815,637 10/815,638 10/815,640 10/815,64210/815,643 10/815,644 10/815,618 10/815,639 10/815,635 10/815,64710/815,634 10/815,632 10/815,631 10/815,648 10/815,614 10/815,64510/815,646 10/815,617 10/815,620 10/815,615 10/815,613 10/815,63310/815,619 10/815,616 10/815,614 10/815,636 10/815,649 10/815,60910/815,627 10/815,626 10/815,610 10/815,611 10/815,623 10/815,62210/815,629 6,454,482 6,808,330 6,527,365 6,474,773 6,550,997 10/181,49610/274,119 10/309,185 10/309,066 10/949,288 10/962,400 10/969,121

BACKGROUND

Security Document Counterfeiting

Counterfeiting of security documents, such as money, is an increasingproblem that now poses a real threat to the strength of global monetarysystems. Software and high quality photographic and printing technologyare making it easier for criminals to produce and pass counterfeit notesinto the monetary system. Counterfeit currency can be used to supportthe underground, untaxed economy, and it is a global threat that coulderode financial systems.

The main reason that counterfeiting remains a major concern is the easeand speed with which large quantities of counterfeit currency can beproduced using counterfeit software combined with high qualityphotographic and printing equipment. The occurrence of counterfeiting islikely to increase because these technologies are more readilyavailable, and the techniques are more easily understood by anincreasingly larger segment of the criminal population.

Whilst, these technologies do not reproduce the watermarks, colorshifting, embedded security threads, microprinting, and the general feelof the note, or the slightly raised print produced by engraved plates,in day-to-day transactions these features are often overlooked so thatcounterfeit notes are often accepted as legal tender. Counterfeit moneycan move through banks, money exchanges, casinos, and is even carriedoverseas, and there are growing opportunities for counterfeit currencyto be passed into the monetary system. Most of the large economiesaround the world are therefore now committed to introducing newtechnologies, as well as additional regulations and processes to makeidentification of counterfeit notes easier, to thereby reduce theincidence of counterfeit notes entering the monetary system.

Another concern is that there are governments who knowingly supportcounterfeiters, and some are complicit in producing counterfeitcurrency. A related problem is that all of the major U.S. and Europeanbanks have established multiple correspondent relationships throughoutthe world so they may engage in international financial transactions forthemselves and their clients in places where they do not have a physicalpresence. Many of these do not meet current regulatory or reportingrequirements, and therefore make it difficult to gain sufficientinformation to actively combat counterfeiting.

In addition to the growing problem of currency counterfeiting, the risksassociated with money laundering are also a major concern for manygovernments for two reasons:

-   -   1. Deregulation of global financial systems means that it is now        harder to combat money laundering; and    -   2. The funds involved in money laundering are increasing        rapidly.

There are two stages involved in money laundering: placement andlayering, and integration.

Placement is the movement of cash from its source and placing it intocirculation through financial institutions, casinos, shops, bureau dechange and other businesses, both local and abroad. Placement can becarried out through many processes including currency smuggling, bankcomplicity, deregulated currency exchanges, blending to enable fundsfrom illicit activities to be obscured in legal transactions, and usingthe proceeds to purchase less conspicuous assets.

The purpose of layering is to make it more difficult for law enforcementagencies to detect the trail of illegal proceeds. Layering methods caninclude converting cash to other monetary instruments such as banker'sdrafts and money orders, or selling assets bought with illicit funds.

The final stage of integration is the movement of previously launderedmoney into the economy, mainly through the banking system, to maketransactions appear to be normal business earnings.

The first thing to note about money laundering is that criminals preferto deal in cash because of its anonymity. In most financialtransactions, there is a financial paper trail to link the personinvolved. Physical cash, however, has disadvantages. It is bulky anddifficult to move. For example, 44 pounds of cocaine worth $1 million isequivalent to 256 pounds of street cash. The street cash is more thansix times the weight of the drugs. The existing payment systems and cashare both problems for criminals, even more so for large transnationalcrime groups. This is where criminals and terrorists are often mostvulnerable.

By limiting the opportunity for counterfeit notes, and funds fromillicit activities to enter the economy at the money placement andlayering phases, it becomes possible to restrict a wide range of moneylaundering activities.

To do this requires a detailed knowledge of cash flow movements that canonly be gained by introducing the ability to track and trace the flow ofindividual notes within the monetary system, and the ability to linklarge reportable cash transactions to an individual's identity.

As a consequence, governments have endeavored to:

-   -   Improve international co-operation through governments to        address money laundering and counterfeiting concerns; and,    -   Establish additional national controls for the distribution and        supply of currency within a country.

Concerted efforts by governments to fight money laundering have beengoing on for the past fifteen years. The main international agreementsaddressing counterfeit and money laundering include: the United NationsVienna Convention against Illicit Traffic in Narcotics Drugs andPsychotropic Substances (the Vienna Convention) and the 1990 Council ofEurope Convention on Laundering (Adopted in November 1990, the Councilof Europe Convention establishes a common criminal policy on moneylaundering. The convention lays down the principles for internationalco-operation among the contracting parties.).

The role of financial institutions in preventing and detecting moneylaundering has been the subject of pronouncements by the Basic Committeeon Banking Supervision, the European Union, and the InternationalOrganization of Securities Commissions.

In December 1988, the G-10's Basle Committee on Banking Supervisionissued a “statement of principles” with which the international banks ofmember states are expected to comply. These principles cover identifyingcustomers, avoiding suspicious transactions, and co-operating with lawenforcement agencies. In issuing these principles, the committee notedthe risk to public confidence in banks, and thus to their stability,that can arise if they inadvertently become associated with moneylaundering.

The “United Nations Convention against Transnational Organized Crime”was tabled for signing in December 2000. The Convention urgesgovernments to cooperate with one another in the detection,investigation and prosecution of money laundering. Signatories areobliged to reinforce requirements for customer identification,record-keeping and the reporting of suspicious transactions. Signatoriesare also recommended to set up financial intelligence units to collect,analyze and disseminate information.

Since the events of Sep. 11, 2001, UN Member States have emphasized thelinks between terrorism, transnational organized crime, theinternational drug trade and money laundering. The UN Security Counciladopted resolution 1373 (2001) and it established the Counter-TerrorismCommittee (CTC), which is mandated to monitor the implementation of theresolution urging States to prevent and suppress the financing ofterrorist acts.

Other potential macroeconomic consequences of unchecked money launderingthat have been noted by the International Monetary Fund (IMF) areinexplicable changes in money demand, contamination effects on legalfinancial transactions, and increased volatility of internationalcapital flow and exchange rates as a consequence of unanticipatedcross-border asset transfers. The latter point is especially importantand poses a significant risk to the EU financial system as moneylaundering has a direct effect on the Foreign Exchange Market (FOREX) ofan economy, which is vulnerable to the volume of cash involved in thetrade.

Banks are susceptible to risks from money launderers on several fronts.There is a thin line between a financial institution suspecting that itis being used to launder money and the institution becoming criminallyinvolved with the activity. Banks that are exposed as laundering moneyare likely to face costs associated with the subsequent loss of businesson top of vast legal costs. At the very least, the discovery of a banklaundering money for an organised crime syndicate is likely to generateadverse publicity for the bank. Banks passing counterfeit notes tocustomers will also result in declining business as clients takebusiness elsewhere. However, a much graver risk that banks face is thatof criminal prosecution for laundering money. EU laws and directivesstate that if a financial institution in the EU is found to be assistinga money launderer and failed to follow the appropriate procedures aslaid out by EU directives, the individual employee and respectivesupervisors, including company directors, are personally liable toimprisonment or fines. This is the reason why the EU directives on moneylaundering include the “know your customer” initiative.

As a result due diligence measures have been implemented by financialservice providers under regulatory supervision to ensure the integrityof those conducting business with the institution. These consist of foursub-categories:

-   -   1) identification;    -   2) know your customer;    -   3) record keeping; and    -   4) suspicious activity reporting.

These are all time consuming and difficult to manage.

In addition to international efforts to combat counterfeiting and moneylaundering, most OECD governments have introduced a wide range ofdomestic statutes governing the distribution, and management ofcurrency. Some of these are needed to support international approaches,and others have been introduced to reduce local opportunities forterrorists or criminals to derive benefit from counterfeiting or moneylaundering activities. While it is not possible to consider all ofthese, a few U.S. statutory requirements are considered here tohighlight the emerging requirements that any new currency validation andtracking system might be required to meet to support national andinternational objectives.

Within the U.S., national distribution and supply of U.S. currency isregulated by the U.S. Monetary Policy, and implemented by the FederalReserve and the Department of Treasury, and monitored by the SecretService. The Bureau of Engraving and Printing (BEP), which is a divisionof the U.S. Department of Treasury, serves as the United States'security printer. It produces the Nation's currency, most of its postagestamps, and other security documents (The first important distinction isthat while the Federal Reserve issues Federal Reserve notes, theTreasury issues coins. Consequently, the Federal Reserve determines theamount of new currency of each denomination to be printed annually bythe US Bureau of Engraving and Printing (BEP)).

In the case of currency, the Federal Reserve Banks verify all notesdeposited with them by the banking industry on a note-by-note basis.During this verification, deposited currency is counted for accuracy,counterfeit notes are identified, and unfit notes are destroyed. TheBEP, in conjunction with the Department of Treasury, Federal Reserve andSecret Service, are continuously working on changes that are required toprotect the integrity of the monetary system.

Additionally, the Internal Revenue Code (IRC) requires anyone involvedin a trade or business, except financial institutions, to reportcurrency received for goods or services in excess of $10,000. The BankSecrecy Act (BSA) mandates the reporting of certain currencytransactions conducted by financial institutions, the disclosure offoreign bank accounts, and the reporting of the transportation ofcurrency exceeding $10,000 across United States borders.

The Internal Revenue Service (IRS) is one of the key agencies involvedin money laundering investigations. Tax evasion, public corruption,health care fraud, money laundering and drug trafficking are allexamples of the types of crimes that revolve around cash. A financialinvestigation often becomes the key to a conviction.

In addition to providing physical protection to the leaders of theUnited States of America, the Secret Service has set as its highestinvestigative priority the identification and suppression of counterfeitcurrency production and distribution networks. With 60% of genuine U.S.currency circulating outside of the U.S., the dollar continues to be atarget for transnational counterfeiting activity.

The main objective of the U.S. Patriot Act 2001 is to amend certain lawswithin the constitution of the United States of America to assist withthe national and global fight against terrorism. These laws relate toreporting requirements for currency received in non-financial trade orbusiness. These include the name, address, and identificationinformation of the person from whom the currency was received, theamount of currency received, the date and nature of the transaction, andthe identification of the person filing the report.

In their effort to avoid using traditional financial institutions, manycriminals are forced to move large quantities of currency in bulk formthrough airports, border crossings, and other ports of entry where thecurrency can be smuggled out of the United States and placed in aforeign financial institution or sold on the black market. Thetransportation and smuggling of cash in bulk form may now be one of themost common forms of money laundering, and the movement of large sums ofcash is one of the most reliable warning signs of drug trafficking,terrorism, money laundering, racketeering, tax evasion and similarcrimes.

To support the above international and national initiatives, thetechnology industry has also initiated a number of programs. Forexample, IBM and Searchspace have joined forces to launch the IBMAnti-Money Laundering Service, a hosted computer service to help meetnew U.S. Patriot Act requirements, which requires firms to implement newtechnologies to detect and prevent money laundering schemes byterrorists and other criminals. Unisys also provides anti-moneylaundering and fraud detection services. These services have beenprovided to police forces and leading financial institutions.

Given the wide range of approaches adopted to support internationalco-operative efforts to limit terrorist and criminal activity, there isa growing recognition that organized crime is increasingly operatingthrough more fluid network structures rather than more formalhierarchies.

This therefore requires the use of new methods and technologies in orderto comply with the wide range of regulations and recommendations neededto combat laundering and counterfeiting.

These new methods and technologies should make it easy to validatenotes, automate many of the statutory cash transaction reportingrequirements, and provide the capability for security agencies to detectcrime patterns through cash flow tracking.

An existing solution to the problem involves the use of note trackingusing RFID chips.

Due to the Euro's broad cross-border reach, the European Central Bank(ECB) and criminal investigators in Europe are concerned about increasesin counterfeiting, as well as a possible increase in money laundering.There are now over 10 billion bank notes in circulation, with 4.5billion being held in reserve to accommodate potential leaps in demand.Last year, Greek authorities were confronted with 2,411 counterfeitingcases while authorities in Poland arrested a gang suspected of makingand putting over a million fake euros into circulation.

Because of these concerns, the application of RFID (Radio FrequencyIdentification) technology to paper currency is currently beinginvestigated by the European Central Bank and Hitachi.

Hitachi Ltd. announced plans in July 2003 for a chip designed for highdenomination currency notes that would pack RF circuitry and ROM in a0.4-mm square circuit that is only 60 microns thick. The Hitachi“mu-chip” will be capable of wirelessly transmitting a 128-bit numberwhen radio signals are beamed at it. Besides acting as a digitalwatermark, such RFID chips could speed up routine bank processes such ascounting. A stack of notes can be passed through a reader with the sumdetermined automatically, similar to the way that inventory is trackedin an RFID-based system.

However there are a number of difficulties that associated with such asolution.

First, there are concerns about the high costs associated with producingand integrating each chip into a note. Manufacturing processes are alsoconsidered a major hurdle to embedding a low-cost antenna and chip inbank notes.

There are also concerns about the robustness of a chip solution. Banknotes have a thickness of only about 80 microns. Once a 60 micron thickRFID chip is connected to its antenna, it is likely to be well over 100microns thick. They will therefore be at risk of snagging on an objector surface, and being torn out of the note paper. Notes rubbing againsteach other in a wallet may cause the RFID chips to tear out of thenotes. Another major concern is the robustness of the chip itself. Banknotes undergo repeated folding, they are accidentally put throughwashing machines, and they may receive large electrostatic shocks.

All of these will make it difficult for the issuers to guarantee thatchips will continue to function properly for the expected life of thenote. People are unlikely to accept that their notes are invalid simplybecause the RFID chips have been torn out or damaged, so there will notbe an expectation that all notes must have RFID chips. So, a forger canpass off notes which never had chips simply by tearing small holes wherethe chips have purportedly ‘snagged on something and been torn out’.

There are also concerns about privacy. With the potential to track andtrace cash, individuals may become concerned that cash will lose itsanonymity when buying goods. There are also concerns by privacyadvocates that a scanner in the hands of criminals could be used toremotely determine the amount of cash being carried by an individualwithout their knowledge. This could place them at risk of attack.

Thus, there are many factors that suggest that an RFID solution may notbe feasible for validating and tracking currency.

Surface Coding Background

The Netpage surface coding consists of a dense planar tiling of tags.Each tag encodes its own location in the plane. Each tag also encodes,in conjunction with adjacent tags, an identifier of the regioncontaining the tag. This region ID is unique among all regions. In theNetpage system the region typically corresponds to the entire extent ofthe tagged surface, such as one side of a sheet of paper.

The surface coding is designed so that an acquisition field of viewlarge enough to guarantee acquisition of an entire tag is large enoughto guarantee acquisition of the ID of the region containing the tag.Acquisition of the tag itself guarantees acquisition of the tag'stwo-dimensional position within the region, as well as othertag-specific data. The surface coding therefore allows a sensing deviceto acquire a region ID and a tag position during a purely localinteraction with a coded surface, e.g. during a “click” or tap on acoded surface with a pen.

The use of netpage surface coding is described in more detail in thefollowing copending patent applications, U.S. Ser. No. 10/815,647 ,entitled “Obtaining Product Assistance” filed on 2 Apr. 2004; and U.S.Ser. No. 10/815,609 , entitled “Laser Scanner Device for Printed ProductIdentification Cod” filed on 2 Apr. 2004.

Cryptography Background

Cryptography is used to protect sensitive information, both in storageand in transit, and to authenticate parties to a transaction. There aretwo classes of cryptography in widespread use: secret-key cryptographyand public-key cryptography.

Secret-key cryptography, also referred to as symmetric cryptography,uses the same key to encrypt and decrypt a message. Two parties wishingto exchange messages must first arrange to securely exchange the secretkey.

Public-key cryptography, also referred to as asymmetric cryptography,uses two encryption keys. The two keys are mathematically related insuch a way that any message encrypted using one key can only bedecrypted using the other key. One of these keys is then published,while the other is kept private. They are referred to as the public andprivate key respectively. The public key is used to encrypt any messageintended for the holder of the private key. Once encrypted using thepublic key, a message can only be decrypted using the private key. Thustwo parties can securely exchange messages without first having toexchange a secret key. To ensure that the private key is secure, it isnormal for the holder of the private key to generate the public-privatekey pair.

Public-key cryptography can be used to create a digital signature. Ifthe holder of the private key creates a known hash of a message and thenencrypts the hash using the private key, then anyone can verify that theencrypted hash constitutes the “signature” of the holder of the privatekey with respect to that particular message, simply by decrypting theencrypted hash using the public key and verifying the hash against themessage. If the signature is appended to the message, then the recipientof the message can verify both that the message is genuine and that ithas not been altered in transit.

Secret-key can also be used to create a digital signature, but has thedisadvantage that signature verification can also be performed by aparty privy to the secret key.

To make public-key cryptography work, there has to be a way todistribute public keys which prevents impersonation. This is normallydone using certificates and certificate authorities. A certificateauthority is a trusted third party which authenticates the associationbetween a public key and a person's or other entity's identity. Thecertificate authority verifies the identity by examining identitydocuments etc., and then creates and signs a digital certificatecontaining the identity details and public key. Anyone who trusts thecertificate authority can use the public key in the certificate with ahigh degree of certainty that it is genuine. They just have to verifythat the certificate has indeed been signed by the certificateauthority, whose public key is well-known.

To achieve comparable security to secret-key cryptography, public-keycryptography utilises key lengths an order of magnitude larger, i.e. afew thousand bits compared with a few hundred bits.

Schneier B. (Applied Cryptography, Second Edition, John Wiley & Sons1996) provides a detailed discussion of cryptographic techniques.

SUMMARY OF THE INVENTION

In a first broad form the invention provides a method of tracking asecurity document, the security document having disposed thereon ortherein coded data including a number of coded data portions, each codeddata portion being indicative of an identity of the security document,the method including, in a computer system: receiving indicating datafrom a sensing device, the sensing device being responsive to sensing ofthe coded data to generate indicating data indicative of the identity ofthe product item; and, updating, using the received indicating data,tracking data stored in a data store, tracking data being indicative of:the identity of the security document; and, tracking information.

Optionally, the tracking information is indicative of at least one of:the current owner of the security document; one or more transactionsperformed using the security document; a location of the securitydocument; and, a location of the sensing device.

Optionally, the method includes determining the tracking informationusing at least one of: the indicating data; and, user inputs.

Optionally, the sensing device stores data indicative of at least one ofan identity of the sensing device and an identity of a user, and whereinthe sensing device generates the indicating data using the stored data.

Optionally, each coded data portion is further indicative of at leastpart of a signature, the signature being a digital signature of at leastpart of the identity, and wherein the method includes, in the computersystem: determining, from the indicating data, a determined identity andat least one determined signature part; and, authenticating the securitydocument using the determined identity and the at least one determinedsignature part.

Optionally, the signature is a digital signature of at least part of theidentity and at least part of predetermined padding, the padding beingat least one of: a predetermined number; and, a random number.

Optionally, the entire signature is encoded within a plurality of codeddata portions and wherein the method includes, in the sensing device,sensing a number of coded data portions to thereby determine the entiresignature.

Optionally, the coded data includes a plurality of layouts, each layoutdefining the position of a plurality of first symbols encoding theidentity, and a plurality of second symbols defining at least part ofthe signature.

Optionally, the coded data is substantially invisible to an unaidedhuman.

Optionally, the coded data is printed on the surface using at least oneof: an invisible ink; and, an infrared-absorptive ink.

Optionally, the coded data is provided substantially coincident withvisible human-readable information.

Optionally at least one coded data portion encodes the entire signature.

Optionally the entire signature is formed from a plurality of signatureparts, and wherein each coded data portion encodes a respectivesignature part.

Optionally, at least some of the coded data portions encode at least oneof: a location of the respective coded data portion; a position of therespective coded data portion on the surface; a size of the coded dataportions; a size of a signature; an identity of a signature part; and,units of indicated locations.

Optionally, the coded data includes at least one of: redundant data;data allowing error correction; Reed-Solomon data; and, CyclicRedundancy Check (CRC) data.

Optionally, the digital signature includes at least one of: a randomnumber associated with the identity; a keyed hash of at least theidentity; a keyed hash of at least the identity produced using a privatekey, and verifiable using a corresponding public key; cipher-textproduced by encrypting at least the identity; cipher-text produced byencrypting at least the identity and a random number; and, cipher-textproduced using a private key, and verifiable using a correspondingpublic key; and, cipher-text produced using RSA encryption.

Optionally, the security document is at least one of: a currency note; acheck; a credit or debit card; a redeemable ticket, voucher, or coupon;a lottery ticket or instant win ticket; and, an identity card ordocument, such as a driver's license or passport.

Optionally, the identity is indicative of at least one of: a currencynote attribute including at least one of: currency; issue country;denomination; note side; printing works; and serial number; a checkattribute including at least one of: currency; issuing institution;account number; serial number; expiry date; check value; and limit; acard attribute including at least one of: card type; issuinginstitution; account number; issue date; expiry date; and limit.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout including n identical sub-layouts rotated 1/n revolutions apartabout a centre of rotation, at least one sub-layout includingrotation-indicating data that distinguishes that sub-layout from eachother sub-layout.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout encoding orientation-indicating data comprising a sequence of aninteger multiple m of n symbols, where m is one or more, each encodedsymbol being distributed at n locations about a centre of rotationalsymmetry of the layout such that decoding the symbols at each of the norientations of the layout produces n representations of theorientation-indicating data, each representation comprising a differentcyclic shift of the orientation-indicating data and being indicative ofthe degree of rotation of the layout.

Optionally, the sensing device stores data indicative of at least one ofan identity of the sensing device and an identity of a user, and whereinthe sensing device generates the indicating data using the stored data.

Optionally, the sensing device includes: a housing adapted to be held bya user in use; a radiation source for exposing at least one coded dataportion; a sensor for sensing the at least one exposed coded dataportion; and, a processor for determining, using the at least one sensedcoded data portion, a sensed identity.

Optionally, the method is further used for determining a counterfeitsecurity document, each coded data portion being further indicative ofat least part of a signature, the signature being a digital signature ofat least part of the identity, wherein the method further includes: in asensing device: generating, using the sensed coded data portion,indicating data indicative of: the identity; and, at least one signaturepart; and, in a processor: determining, from the indicating data: adetermined identity; and, at least one determined signature part; and,determining if the security document is a counterfeit document using thedetermined identity and the at least one determined signature part.

Optionally, the method is further used for determining a possibleduplicated security document, wherein the method includes, in a computersystem: receiving indicating data from a sensing device, the sensingdevice being responsive to sensing of the coded data to generateindicating data indicative of the identity of the security document;determining, from the indicating data, a determined identity; accessing,using the determined identity, tracking data indicative of: the identityof the security document; and, tracking information indicative of thelocation of the security document; and, determining, using the trackinginformation, if the security document is a possible duplicate.

Optionally, the method is used in a currency counter for countingcurrency documents, each currency document having disposed thereon ortherein coded data including a number of coded data portions, each codeddata portion being indicative of an identity of the currency document,the counter including: an input for receiving a number of currencydocuments to be counted; an output for providing counted currencydocuments; a feed mechanism for transporting currency documents from theinput to the output along a feed path; a sensor for sensing at least onecoded data portion for each currency document transported along the feedpath; and, a processor for: determining, from the at least one sensedcoded data portion, a sensed identity for each currency document;determining, from the sensed identity, a determined value for eachcurrency document; and, counting the currency documents using thedetermined values.

Optionally, the security document having a security feature, wherein themethod of providing the security document includes: creating thesecurity document; determining an identity associated with the securitydocument; generating a signature using the identity, the signature beinga digital signature of at least part of the identity; generating codeddata, the coded data including a number of coded data portions, eachcoded data portion being indicative of: the identity of the securitydocument; and, at least part of the signature; and, printing the codeddata on the security document.

Optionally, the security document being printed with a security feature,wherein the method of printing the security document includes: receivingthe security document; receiving identity data, the identity data beingat least partially indicative of an identity of the security document,the identity data being encrypted using a public key; determining theidentity by decrypting the received identity data using a secret keyassociated with the public key; generating a signature using thedetermined identity, the signature being a digital signature of at leastpart of the identity; generating coded data at least partiallyindicative of: the identity of the security document; and, at least partof the signature; and, printing the coded data on the security document.

Optionally, the method is used in a system for recording a transactionrelating to a security document, the system including a computer systemfor: receiving indicating data from a sensing device, the sensing devicebeing responsive to sensing of the coded data to generate indicatingdata at least partially indicative of: the identity of the securitydocument; and, the transaction; and, updating, using the receivedindicating data, transaction data stored in a data store, thetransaction data being indicative of: the identity of the securitydocument; and, the transaction.

Optionally, the method is further used for monitoring transactionsinvolving security documents, the method including, in a computer systemand following a transaction involving a security document: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of coded data to generate indicating data at leastpartially indicative of: the identity of the security document; and, thetransaction; updating, using the received indicating data, transactiondata stored in a data store, the transaction data being indicative of,for each of a number of security documents, performed transactions;comparing the transaction data to one or more predetermined patterns tothereby determine the presence or absence of a cash flow anomaly.

Optionally, the method includes using a security document database, thedatabase storing security document data including, for each of a numberof security documents: identity data, the identity data being at leastpartially indicative of an identity of the security document; attributedata, the attribute data being at least partially indicative of one ormore attributes of the security document; wherein, in use, the securitydocument database allows a computer system to: receive, from a sensingdevice, indicating data at least partially indicative of at least oneof: the identity; and one or more attributes; use the receivedindicating data and the security document data to perform an actionassociated with the security document.

Optionally, the method is further used for causing a computer system tomonitor transactions involving security documents, the method beingperformed using a set of instructions, each security document havingdisposed thereon or therein coded data including a number of coded dataportions, each coded data portion being indicative of at least anidentity of the security document, the set of instructions, whenexecuted by the computer system, causing the computer system to: receiveindicating data from a sensing device, the sensing device beingresponsive to sensing of coded data to generate indicating data at leastpartially indicative of: the identity of the security document; and, thetransaction; updating, using the received indicating data, transactiondata stored in a data store, the transaction data being indicative of:the identity of the security document; and, the transaction.

Optionally, the method is further used for counting currency documents,the method being performed using a set of instructions, each currencydocument having disposed therein or thereon at least one coded dataportion being indicative of at least an identity of the currencydocument, the currency counter having: an input for receiving a numberof currency documents to be counted; an output for providing countedcurrency documents; a feed mechanism for transporting currency documentsfrom the input to the output along a feed path; a sensor for sensing atleast one coded data portion for each currency document transportedalong the feed path; and, a processor, the set of instructions, whenexecuted by the processor, causing the processor to: determine, from theat least one sensed coded data portion, a sensed identity for eachcurrency document; determine, from the sensed identity, a determinedvalue for each currency document; and, count the currency documentsusing the determined values.

Optionally, the method is used in a processor for use in a device forauthenticating security documents, the coded data further being at leastpartially indicative of a signature, the signature being a digitalsignature of at least part of the identity, the processor being adaptedto: receive indicating data from a sensor in the device, the sensorbeing responsive to sensing of the coded data to generate indicatingdata at least partially indicative of: the identity; and, at least partof the signature; determine, from the indicating data, a determinedidentity and at least one determined signature part; and, authenticatethe security document using the determined identity and the at least onedetermined signature part.

Optionally, the method is further used for counting currency documents,each currency document having disposed thereon or therein coded dataincluding a plurality of coded data portions, each coded data portionbeing at least partially indicative of an identity of the currencydocument, the method including, in a sensing device: sensing at leastone coded data portion for each currency document; generating, using thesensed coded data portion, indicating data at least partially indicativeof the identity of each currency document; and, transferring theindicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, using the indicatingdata, a determined identity for each currency document; determine, usingeach determined identity, a value for each currency document; and, countthe currency documents using the determined values.

Optionally, the method further being used for authenticating andevaluating a currency document, the currency document having disposedthereon or therein coded data including a plurality of coded dataportions, the method including, in a sensing device: sensing at leastone coded data portion; generating, using the sensed coded data portion,indicating data at least partially indicative of: an identity of thecurrency document; and at least part of a signature, the signature beinga digital signature of at least part of the identity; and, transferringthe indicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, from the indicatingdata, a received identity, and a received signature part; authenticatethe currency document using the received identity and the receivedsignature part; and, in response to a successful authentication,determine, using the received identity, a value associated with thecurrency document.

Optionally, the security document includes anti-copy protection, theidentity being uniquely indicative of the respective security documentand being stored in a data store to allow for duplication of thesecurity document to be determined.

Optionally, the security document includes anti-forgery protection, eachcoded data portion being further indicative of at least part of asignature, the signature being formed by encrypting at least part of theidentity using a private key of public/private key pair, such that:valid security documents can only be created using the private key; and,validity of the security document can be confirmed using thecorresponding public key.

Optionally, the method is further used for recovering a stolen securitydocument, the method including in a computer system: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of the coded data to generate indicating data atleast partially indicative of the identity; determining, using theindicating data, a determined identity; accessing, using the determinedidentity, transaction data stored in a data store, the transaction databeing indicative of a security document status; determining, using thesecurity document status, if the security document is stolen; and, inresponse to a positive determination, causing the security document tobe recovered.

In another broad form the invention provides a method of tracking asecurity document, the security document having disposed thereon ortherein coded data including a number of coded data portions, each codeddata portion being indicative of an identity of the security document,the method including, in a sensing device: sensing at least one codeddata portion; determining, using the at least one sensed coded dataportion, indicating data indicative of the identity of the product item;and, transferring the indicating data to a computer system, the computersystem being responsive to the indicating data to update tracking datastored in a data store, tracking data being indicative of: the identityof the product item; and, tracking information.

In a second broad form the invention provides a sensing device for usewith a security document, the security document having disposed thereonor therein coded data including a number of coded data portions, eachcoded data portion being indicative of an identity of the securitydocument, the sensing device including: a housing adapted to be held bya user in use; a radiation source for exposing at least one coded dataportion; a sensor for sensing the at least one exposed coded dataportion; and, a processor for determining, using the at least one sensedcoded data portion, a sensed identity.

Optionally, the sensing device further includes an indicator forindicating the sensed identity of the security document.

Optionally, the each coded data portion is indicative of at least partof a signature, the signature being a digital signature of at least partof the identity, and wherein the processor: determines, from the atleast one sensed coded data portion, at least one sensed signature part;and, determines if the security document is a counterfeit document usingthe sensed identity and the at least one sensed signature part.

Optionally, the processor: accesses a data store, using the sensedidentity, to determine a stored signature part; compares the storedsignature part to the at least one sensed signature part; and,authenticates the security document using the results of the comparisonto thereby determine if the document is a counterfeit.

Optionally, the processor: generates, using the sensed identity and akey, at least a generated signature part; compares the generatedsignature part to the at least one sensed signature part; and,authenticates the security document using the results of the comparisonto thereby determine if the document is a counterfeit.

Optionally, the entire signature is encoded within a plurality of codeddata portions, and wherein the processor: determines, from a pluralityof sensed coded data portions, a plurality of sensed signature partsrepresenting the entire signature; generates, using the plurality ofsensed signature parts and a key, a generated identity; compares thegenerated identity to the sensed identity; and, authenticates thesecurity document using the results of the comparison to therebydetermine if the document is a counterfeit.

Optionally, the signature is a digital signature of at least part of theidentity and at least part of predetermined padding, the padding beingat least one of: a predetermined number; and, a random number.

Optionally, the coded data includes a plurality of layouts, each layoutdefining the position of a plurality of first symbols encoding theidentity, and a plurality of second symbols defining at least part ofthe signature.

Optionally, the processor: accesses, using the sensed identity, trackingdata indicative of, for each of a number of existing security documents:the identity of the security document; and, tracking informationindicative of the location of the security document; and, at least oneof: determines, using the tracking information, if the security documentis a duplicate of one of the existing security documents; and, updatesthe tracking information.

Optionally, the sensing device includes a communications system, andwherein the processor includes a first processor part provided in thesensing device and a second remote processor part coupled to the firstprocessor part via the communications system, and wherein the firstprocessor part: generates indicating data indicative of at least one of:the sensed identity; and, at least one sensed signature part; transfersthe indicating data to a second processor part via the communicationssystem, and wherein the second processor part is responsive to theindicating data to perform at least one of: determination of a valueassociated with the security document; and, determination of whether thesecurity document is a counterfeit document.

Optionally, the sensing device stores data indicative of at least one ofan identity of the sensing device and an identity of a user, and whereinthe sensing device generates the indicating data using the stored data.

Optionally, the coded data is substantially invisible to an unaidedhuman.

Optionally, the coded data is printed on the surface using at least oneof: an invisible ink; and, an infrared-absorptive ink.

Optionally, the coded data is provided substantially coincident withvisible human-readable information.

Optionally at least one coded data portion encodes the entire signature.

Optionally the entire signature is formed from a plurality of signatureparts, and wherein each coded data portion encodes a respectivesignature part.

Optionally, at least some of the coded data portions encode at least oneof: a location of the respective coded data portion; a position of therespective coded data portion on the surface; a size of the coded dataportions; a size of a signature; an identity of a signature part; and,units of indicated locations.

Optionally, the coded data includes at least one of: redundant data;data allowing error correction; Reed-Solomon data; and, CyclicRedundancy Check (CRC) data.

Optionally, the digital signature includes at least one of: a randomnumber associated with the identity; a keyed hash of at least theidentity; a keyed hash of at least the identity produced using a privatekey, and verifiable using a corresponding public key; cipher-textproduced by encrypting at least the identity; cipher-text produced byencrypting at least the identity and a random number; and, cipher-textproduced using a private key, and verifiable using a correspondingpublic key; and, cipher-text produced using RSA encryption.

Optionally, the security document is at least one of: a currency note; acheck; a credit or debit card; a redeemable ticket, voucher, or coupon;a lottery ticket or instant win ticket; and, an identity card ordocument, such as a driver's license or passport.

Optionally, the identity is indicative of at least one of: a currencynote attribute including at least one of: currency; issue country;denomination; note side; printing works; and serial number; a checkattribute including at least one of: currency; issuing institution;account number; serial number; expiry date; check value; and limit; acard attribute including at least one of: card type; issuinginstitution; account number; issue date; expiry date; and limit.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout including n identical sub-layouts rotated 1/n revolutions apartabout a centre of rotation, at least one sub-layout includingrotation-indicating data that distinguishes that sub-layout from eachother sub-layout.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout encoding orientation-indicating data comprising a sequence of aninteger multiple m of n symbols, where m is one or more, each encodedsymbol being distributed at n locations about a centre of rotationalsymmetry of the layout such that decoding the symbols at each of the norientations of the layout produces n representations of theorientation-indicating data, each representation comprising a differentcyclic shift of the orientation-indicating data and being indicative ofthe degree of rotation of the layout.

Optionally, the sensing device is used in a method of tracking asecurity document, the security document having disposed thereon ortherein coded data including a number of coded data portions, each codeddata portion being indicative of an identity of the security document,the method including, in a computer system: receiving indicating datafrom the sensing device, the sensing device being responsive to sensingof the coded data to generate indicating data indicative of the identityof the product item; and, updating, using the received indicating data,tracking data stored in a data store, tracking data being indicative of:the identity of the product item; and, tracking information.

Optionally, the sensing device is used in a method of determining acounterfeit security document, the security document having disposedthereon or therein coded data including a number of coded data portions,each coded data portion being indicative of: an identity of the securitydocument; and, at least part of a signature, the signature being adigital signature of at least part of the identity; wherein the methodincludes: in the sensing device: sensing at least one coded dataportion; and, generating, using the sensed coded data portion,indicating data indicative of: the identity; and, at least one signaturepart; in a processor: determining, from the indicating data: adetermined identity; and, at least one determined signature part;determining if the security document is a counterfeit document using thedetermined identity and the at least one determined signature part.

Optionally, the sensing device is used in a method of determining apossible duplicated security document, the security document havingdisposed thereon or therein coded data including a number of coded dataportions, each coded data portion being indicative of at least anidentity of the security document, and wherein the method includes, in acomputer system: receiving indicating data from the sensing device, thesensing device being responsive to sensing of the coded data to generateindicating data indicative of the identity of the security document;determining, from the indicating data, a determined identity; accessing,using the determined identity, tracking data indicative of: the identityof the security document; and, tracking information indicative of thelocation of the security document; and, determining, using the trackinginformation, if the security document is a possible duplicate.

Optionally, the sensing device is used in a currency counter forcounting currency documents, each currency document having disposedthereon or therein coded data including a number of coded data portions,each coded data portion being indicative of an identity of the currencydocument, the counter including: an input for receiving a number ofcurrency documents to be counted; an output for providing countedcurrency documents; a feed mechanism for transporting currency documentsfrom the input to the output along a feed path; a sensor for sensing atleast one coded data portion for each currency document transportedalong the feed path; and, a processor for: determining, from the atleast one sensed coded data portion, a sensed identity for each currencydocument; determining, from the sensed identity, a determined value foreach currency document; and, counting the currency documents using thedetermined values.

Optionally, the sensing device is used in a method of providing asecurity document having a security feature, the method including:creating the security document; determining an identity associated withthe security document; generating a signature using the identity, thesignature being a digital signature of at least part of the identity;generating coded data, the coded data including a number of coded dataportions, each coded data portion being indicative of: the identity ofthe security document; and, at least part of the signature; and,printing the coded data on the security document.

Optionally, the sensing device is used in a method of printing asecurity document having a security feature, the method including:receiving the security document; receiving identity data, the identitydata being at least partially indicative of an identity of the securitydocument, the identity data being encrypted using a public key;determining the identity by decrypting the received identity data usinga secret key associated with the public key; generating a signatureusing the determined identity, the signature being a digital signatureof at least part of the identity; generating coded data at leastpartially indicative of: the identity of the security document; and, atleast part of the signature; and, printing the coded data on thesecurity document.

Optionally, the sensing device is used in a system for recording atransaction relating to a security document, the security documenthaving disposed thereon or therein coded data including a number ofcoded data portions, each coded data portion being indicative of atleast an identity of the security document, the system including acomputer system for: receiving indicating data from the sensing device,the sensing device being responsive to sensing of the coded data togenerate indicating data at least partially indicative of: the identityof the security document; and, the transaction; and, updating, using thereceived indicating data, transaction data stored in a data store, thetransaction data being indicative of: the identity of the securitydocument; and, the transaction.

Optionally, the sensing device is used in a method for monitoringtransactions involving security documents, each security document havingdisposed thereon or therein coded data including a number of coded dataportions, each coded data portion being indicative of at least anidentity of the security document, the method including, in a computersystem and following a transaction involving a security document:receiving indicating data from the sensing device, the sensing devicebeing responsive to sensing of coded data to generate indicating data atleast partially indicative of: the identity of the security document;and, the transaction; updating, using the received indicating data,transaction data stored in a data store, the transaction data beingindicative of, for each of a number of security documents, performedtransactions; comparing the transaction data to one or morepredetermined patterns to thereby determine the presence or absence of acash flow anomaly.

Optionally, the sensing device is uses a security document database, thedatabase storing security document data including, for each of a numberof security documents: identity data, the identity data being at leastpartially indicative of an identity of the security document; attributedata, the attribute data being at least partially indicative of one ormore attributes of the security document; wherein, in use, the securitydocument database allows a computer system to: receive, from a sensingdevice, indicating data at least partially indicative of at least oneof: the identity; and one or more attributes; use the receivedindicating data and the security document data to perform an actionassociated with the security document.

Optionally, the sensing device is used in a computer system including aset of instructions for causing the computer system to monitortransactions involving security documents, each security document havingdisposed thereon or therein coded data including a number of coded dataportions, each coded data portion being indicative of at least anidentity of the security document, the set of instructions, whenexecuted by the computer system, causing the computer system to: receiveindicating data from a sensing device, the sensing device beingresponsive to sensing of coded data to generate indicating data at leastpartially indicative of: the identity of the security document; and, thetransaction; updating, using the received indicating data, transactiondata stored in a data store, the transaction data being indicative of:the identity of the security document; and, the transaction.

Optionally, the sensing device is used in a currency counter including aset of instructions for counting currency documents where each currencydocument having disposed therein or thereon at least one coded dataportion being indicative of at least an identity of the currencydocument, the currency counter having: an input for receiving a numberof currency documents to be counted; an output for providing countedcurrency documents; a feed mechanism for transporting currency documentsfrom the input to the output along a feed path; a sensor for sensing atleast one coded data portion for each currency document transportedalong the feed path; and, a processor, the set of instructions, whenexecuted by the processor, causing the processor to: determine, from theat least one sensed coded data portion, a sensed identity for eachcurrency document; determine, from the sensed identity, a determinedvalue for each currency document; and, count the currency documentsusing the determined values.

Optionally, the sensing device further includes a processor for use in adevice for authenticating security documents, the security documenthaving disposed thereon or therein coded data at least partiallyindicative of an identity of the security document and a signature, thesignature being a digital signature of at least part of the identity,the processor being adapted to: receive indicating data from a sensor inthe device, the sensor being responsive to sensing of the coded data togenerate indicating data at least partially indicative of: the identity;and, at least part of the signature; determine, from the indicatingdata, a determined identity and at least one determined signature part;and, authenticate the security document using the determined identityand the at least one determined signature part.

Optionally, the sensing device is used in a method of counting currencydocuments, each currency document having disposed thereon or thereincoded data including a plurality of coded data portions, each coded dataportion being at least partially indicative of an identity of thecurrency document, the method including, in the sensing device: sensingat least one coded data portion for each currency document; generating,using the sensed coded data portion, indicating data at least partiallyindicative of the identity of each currency document; and, transferringthe indicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, using the indicatingdata, a determined identity for each currency document; determine, usingeach determined identity, a value for each currency document; and, countthe currency documents using the determined values.

Optionally, the sensing device is used in a method for authenticatingand evaluating a currency document, the currency document havingdisposed thereon or therein coded data including a plurality of codeddata portions, the method including, in the sensing device: sensing atleast one coded data portion; generating, using the sensed coded dataportion, indicating data at least partially indicative of: an identityof the currency document; and at least part of a signature, thesignature being a digital signature of at least part of the identity;and, transferring the indicating data to a computer system, the computersystem being responsive to the indicating data to: determine, from theindicating data, a received identity, and a received signature part;authenticate the currency document using the received identity and thereceived signature part; and, in response to a successfulauthentication, determine, using the received identity, a valueassociated with the currency document.

Optionally, the sensing device is used with a security documentincluding anti-copy protection, the security document having disposedthereon or therein coded data including a number of coded data portions,each coded data portion being indicative of an identity, the identitybeing uniquely indicative of the respective security document and beingstored in a data store to allow for duplication of the security documentto be determined.

Optionally, the sensing device is used with a security documentincluding anti-forgery protection, the security document having disposedthereon or therein coded data including a plurality of coded dataportions, each coded data portion being indicative of: an identity ofthe currency document; and at least part of a signature, the signaturebeing formed by encrypting at least part of the identity using a privatekey of public/private key pair, such that: valid security documents canonly be created using the private key; and, validity of the securitydocument can be confirmed using the corresponding public key.

Optionally, the sensing device is used in a method of recovering astolen security document, the security document having disposed thereonor therein coded data including a number of coded data portions, eachcoded data portion being indicative of at least an identity of thesecurity document, the method including in a computer system: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of the coded data to generate indicating data atleast partially indicative of the identity; determining, using theindicating data, a determined identity; accessing, using the determinedidentity, transaction data stored in a data store, the transaction databeing indicative of a security document status; determining, using thesecurity document status, if the security document is stolen; and, inresponse to a positive determination, causing the security document tobe recovered.

In a third broad form the invention provides a method of determining acounterfeit security document, the security document having disposedthereon or therein coded data including a number of coded data portions,each coded data portion being indicative of: an identity of the securitydocument; and, at least part of a signature, the signature being adigital signature of at least part of the identity; wherein the methodincludes: in a sensing device: sensing at least one coded data portion;and, generating, using the sensed coded data portion, indicating dataindicative of: the identity; and, at least one signature part; in aprocessor: determining, from the indicating data: a determined identity;and, at least one determined signature part; determining if the securitydocument is a counterfeit document using the determined identity and theat least one determined signature part.

Optionally, the method includes, in the processor: accessing a datastore, using the determined identity, to determine a stored signaturepart; comparing the stored signature part to the at least one determinedsignature part; and, authenticating the security document using theresults of the comparison to thereby determine if the document is acounterfeit.

Optionally, the method includes, in the processor: generating, using thedetermined identity and a key, at least a generated signature part;comparing the generated signature part to the at least one determinedsignature part; and, authenticating the security document using theresults of the comparison to thereby determine if the document is acounterfeit.

Optionally, the entire signature is encoded within a plurality of codeddata portions, and wherein the method includes: in the sensing device:sensing a number of coded data portions to thereby determine the entiresignature; and, generating the indicating data using the sensed codeddata portions; and, in the processor: determining, from the indicatingdata, a plurality of determined signature parts representing the entiresignature; generating, using the plurality of determined signature partsand a key, a generated identity; comparing the generated identity to thedetermined identity; and, authenticating the security document using theresults of the comparison to thereby determine if the document is acounterfeit.

Optionally, the signature is a digital signature of at least part of theidentity and at least part of predetermined padding, the padding beingat least one of: a predetermined number; and, a random number.

Optionally, the processor forms part of the sensing device.

Optionally, the processor forms part of a computer system, and whereinthe method includes, transferring the indicating data to the computersystem via a communications system.

Optionally, the method includes, in the processor: accessing, using thedetermined identity, tracking data indicative of, for each of a numberof existing security documents: the identity of the security document;and, tracking information indicative of the location of the securitydocument; determining, using the tracking information, if the securitydocument is a duplicate of one of the existing security documents.

Optionally, the coded data includes a plurality of layouts, each layoutdefining the position of a plurality of first symbols encoding theidentity, and a plurality of second symbols defining at least part ofthe signature.

Optionally, the sensing device stores data indicative of at least one ofan identity of the sensing device and an identity of a user, and whereinthe method includes, in the sensing device, generating the indicatingdata using the stored data.

Optionally, the coded data is substantially invisible to an unaidedhuman.

Optionally, the coded data is printed on the surface using at least oneof: an invisible ink; and, an infrared-absorptive ink.

Optionally, the coded data is provided substantially coincident withvisible human-readable information.

Optionally at least one coded data portion encodes the entire signature.

Optionally the entire signature is formed from a plurality of signatureparts, and wherein each coded data portion encodes a respectivesignature part.

Optionally, at least some of the coded data portions encode at least oneof: a location of the respective coded data portion; a position of therespective coded data portion on the surface; a size of the coded dataportions; a size of a signature; an identity of a signature part; and,units of indicated locations.

Optionally, the coded data includes at least one of: redundant data;data allowing error correction; Reed-Solomon data; and, CyclicRedundancy Check (CRC) data.

Optionally, the digital signature includes at least one of: a randomnumber associated with the identity; a keyed hash of at least theidentity; a keyed hash of at least the identity produced using a privatekey, and verifiable using a corresponding public key; cipher-textproduced by encrypting at least the identity; cipher-text produced byencrypting at least the identity and a random number; and, cipher-textproduced using a private key, and verifiable using a correspondingpublic key; and, cipher-text produced using RSA encryption.

Optionally, the security document is at least one of: a currency note; acheck; a credit or debit card; a redeemable ticket, voucher, or coupon;a lottery ticket or instant win ticket; and, an identity card ordocument, such as a driver's license or passport.

Optionally, the identity is indicative of at least one of: a currencynote attribute including at least one of: currency; issue country;denomination; note side; printing works; and serial number; a checkattribute including at least one of: currency; issuing institution;account number; serial number; expiry date; check value; and limit; acard attribute including at least one of: card type; issuinginstitution; account number; issue date; expiry date; and limit.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout including n identical sub-layouts rotated 1/n revolutions apartabout a centre of rotation, at least one sub-layout includingrotation-indicating data that distinguishes that sub-layout from eachother sub-layout.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout encoding orientation-indicating data comprising a sequence of aninteger multiple m of n symbols, where m is one or more, each encodedsymbol being distributed at n locations about a centre of rotationalsymmetry of the layout such that decoding the symbols at each of the norientations of the layout produces n representations of theorientation-indicating data, each representation comprising a differentcyclic shift of the orientation-indicating data and being indicative ofthe degree of rotation of the layout.

Optionally, the method is further used for tracking a security document,the method including, in a computer system: receiving indicating datafrom a sensing device, the sensing device being responsive to sensing ofthe coded data to generate indicating data indicative of the identity ofthe product item; and, updating, using the received indicating data,tracking data stored in a data store, tracking data being indicative of:the identity of the product item; and, tracking information.

Optionally, the sensing device includes: a housing adapted to be held bya user in use; a radiation source for exposing at least one coded dataportion; a sensor for sensing the at least one exposed coded dataportion; and, a processor for determining, using the at least one sensedcoded data portion, a sensed identity.

Optionally, the method is further used for determining a possibleduplicated security document, wherein the method includes, in a computersystem: receiving indicating data from a sensing device, the sensingdevice being responsive to sensing of the coded data to generateindicating data indicative of the identity of the security document;determining, from the indicating data, a determined identity; accessing,using the determined identity, tracking data indicative of: the identityof the security document; and, tracking information indicative of thelocation of the security document; and, determining, using the trackinginformation, if the security document is a possible duplicate.

Optionally, the method is used in a currency counter for countingcurrency documents, each currency document having disposed thereon ortherein coded data including a number of coded data portions, each codeddata portion being indicative of an identity of the currency document,the counter including: an input for receiving a number of currencydocuments to be counted; an output for providing counted currencydocuments; a feed mechanism for transporting currency documents from theinput to the output along a feed path; a sensor for sensing at least onecoded data portion for each currency document transported along the feedpath; and, a processor for: determining, from the at least one sensedcoded data portion, a sensed identity for each currency document;determining, from the sensed identity, a determined value for eachcurrency document; and, counting the currency documents using thedetermined values.

Optionally, the security document having a security feature, wherein themethod of providing the security document includes: creating thesecurity document; determining an identity associated with the securitydocument; generating a signature using the identity, the signature beinga digital signature of at least part of the identity; generating codeddata, the coded data including a number of coded data portions, eachcoded data portion being indicative of: the identity of the securitydocument; and, at least part of the signature; and, printing the codeddata on the security document.

Optionally, the security document being printed with a security feature,wherein the method of printing the security document includes: receivingthe security document; receiving identity data, the identity data beingat least partially indicative of an identity of the security document,the identity data being encrypted using a public key; determining theidentity by decrypting the received identity data using a secret keyassociated with the public key; generating a signature using thedetermined identity, the signature being a digital signature of at leastpart of the identity; generating coded data at least partiallyindicative of: the identity of the security document; and, at least partof the signature; and, printing the coded data on the security document.

Optionally, the method is used in a system for recording a transactionrelating to a security document, the system including a computer systemfor: receiving indicating data from a sensing device, the sensing devicebeing responsive to sensing of the coded data to generate indicatingdata at least partially indicative of: the identity of the securitydocument; and, the transaction; and, updating, using the receivedindicating data, transaction data stored in a data store, thetransaction data being indicative of: the identity of the securitydocument; and, the transaction.

Optionally, the method is further used for monitoring transactionsinvolving security documents, the method including, in a computer systemand following a transaction involving a security document: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of coded data to generate indicating data at leastpartially indicative of: the identity of the security document; and, thetransaction; updating, using the received indicating data, transactiondata stored in a data store, the transaction data being indicative of,for each of a number of security documents, performed transactions;comparing the transaction data to one or more predetermined patterns tothereby determine the presence or absence of a cash flow anomaly.

Optionally, the method includes using a security document database, thedatabase storing security document data including, for each of a numberof security documents: identity data, the identity data being at leastpartially indicative of an identity of the security document; attributedata, the attribute data being at least partially indicative of one ormore attributes of the security document; wherein, in use, the securitydocument database allows a computer system to: receive, from a sensingdevice, indicating data at least partially indicative of at least oneof: the identity; and one or more attributes; use the receivedindicating data and the security document data to perform an actionassociated with the security document.

Optionally, the method is further used for causing a computer system tomonitor transactions involving security documents, the method beingperformed using a set of instructions, each security document havingdisposed thereon or therein coded data including a number of coded dataportions, each coded data portion being indicative of at least anidentity of the security document, the set of instructions, whenexecuted by the computer system, causing the computer system to: receiveindicating data from a sensing device, the sensing device beingresponsive to sensing of coded data to generate indicating data at leastpartially indicative of: the identity of the security document; and, thetransaction; updating, using the received indicating data, transactiondata stored in a data store, the transaction data being indicative of:the identity of the security document; and, the transaction.

Optionally, the method is further used for counting currency documents,the method being performed using a set of instructions, each currencydocument having disposed therein or thereon at least one coded dataportion being indicative of at least an identity of the currencydocument, the currency counter having: an input for receiving a numberof currency documents to be counted; an output for providing countedcurrency documents; a feed mechanism for transporting currency documentsfrom the input to the output along a feed path; a sensor for sensing atleast one coded data portion for each currency document transportedalong the feed path; and, a processor, the set of instructions, whenexecuted by the processor, causing the processor to: determine, from theat least one sensed coded data portion, a sensed identity for eachcurrency document; determine, from the sensed identity, a determinedvalue for each currency document; and, count the currency documentsusing the determined values.

Optionally, the method is used in a processor for use in a device forauthenticating security documents, the coded data further being at leastpartially indicative of a signature, the signature being a digitalsignature of at least part of the identity, the processor being adaptedto: receive indicating data from a sensor in the device, the sensorbeing responsive to sensing of the coded data to generate indicatingdata at least partially indicative of: the identity; and, at least partof the signature; determine, from the indicating data, a determinedidentity and at least one determined signature part; and, authenticatethe security document using the determined identity and the at least onedetermined signature part.

Optionally, the method is further used for counting currency documents,each currency document having disposed thereon or therein coded dataincluding a plurality of coded data portions, each coded data portionbeing at least partially indicative of an identity of the currencydocument, the method including, in a sensing device: sensing at leastone coded data portion for each currency document; generating, using thesensed coded data portion, indicating data at least partially indicativeof the identity of each currency document; and, transferring theindicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, using the indicatingdata, a determined identity for each currency document; determine, usingeach determined identity, a value for each currency document; and, countthe currency documents using the determined values.

Optionally, the method further being used for authenticating andevaluating a currency document, the currency document having disposedthereon or therein coded data including a plurality of coded dataportions, the method including, in a sensing device: sensing at leastone coded data portion; generating, using the sensed coded data portion,indicating data at least partially indicative of: an identity of thecurrency document; and at least part of a signature, the signature beinga digital signature of at least part of the identity; and, transferringthe indicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, from the indicatingdata, a received identity, and a received signature part; authenticatethe currency document using the received identity and the receivedsignature part; and, in response to a successful authentication,determine, using the received identity, a value associated with thecurrency document.

Optionally, the security document includes anti-copy protection, theidentity being uniquely indicative of the respective security documentand being stored in a data store to allow for duplication of thesecurity document to be determined.

Optionally, the security document includes anti-forgery protection, eachcoded data portion being further indicative of at least part of asignature, the signature being formed by encrypting at least part of theidentity using a private key of public/private key pair, such that:valid security documents can only be created using the private key; and,validity of the security document can be confirmed using thecorresponding public key.

Optionally, the method is further used for recovering a stolen securitydocument, the method including in a computer system: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of the coded data to generate indicating data atleast partially indicative of the identity; determining, using theindicating data, a determined identity; accessing, using the determinedidentity, transaction data stored in a data store, the transaction databeing indicative of a security document status; determining, using thesecurity document status, if the security document is stolen; and, inresponse to a positive determination, causing the security document tobe recovered.

In a fourth broad form the invention provides a method of determining apossible duplicated security document, the security document havingdisposed thereon or therein coded data including a number of coded dataportions, each coded data portion being indicative of at least anidentity of the security document, and wherein the method includes, in acomputer system: receiving indicating data from a sensing device, thesensing device being responsive to sensing of the coded data to generateindicating data indicative of the identity of the security document;determining, from the indicating data, a determined identity; accessing,using the determined identity, tracking data indicative of: the identityof the security document; and, tracking information indicative of thelocation of the security document; and, determining, using the trackinginformation, if the security document is a possible duplicate.

Optionally, the tracking data is indicative of tracking information foreach of a number of existing security documents, and wherein the methodincludes, in the computer system, determining if the security documentis a duplicate of one of the existing security documents.

Optionally, the method includes, in the computer system: determining,using the indicating data, a current location of the security document;comparing the current location to the tacking information; and,determining the security document to be a possible duplicate if thecurrent location is inconsistent with the tracking information.

Optionally, the method includes, in the computer system, determining ifthe current location is inconsistent with the tracking information usingpredetermined rules.

Optionally, each coded data portion is indicative of at least part of asignature, the signature being a digital signature of at least part ofthe identity, and wherein the method includes, in the computer system:receiving indicating data indicative of the identity of the securitydocument and at least one signature part; determining, from theindicating data: the determined identity; and, at least one determinedsignature part; determining if the security document is a counterfeitdocument using the determined identity and the at least one determinedsignature part.

Optionally, the method includes, in the computer system: accessing adata store, using the determined identity, to determine a storedsignature part; comparing the stored signature part to the at least onedetermined signature part; and, authenticating the security documentusing the results of the comparison to thereby determine if the documentis a counterfeit.

Optionally, the method includes, in the computer system: generating,using the determined identity and a key, at least a generated signaturepart; comparing the generated signature part to the at least onedetermined signature part; and, authenticating the security documentusing the results of the comparison to thereby determine if the documentis a counterfeit.

Optionally, the entire signature is encoded within a plurality of codeddata portions, and wherein the method includes, in the computer system:determining, from the indicating data, a plurality of determinedsignature parts representing the entire signature; generating, using theplurality of determined signature parts and a key, a generated identity;comparing the generated identity to the determined identity; and,authenticating the security document using the results of the comparisonto thereby determine if the document is a counterfeit.

Optionally, the coded data is substantially invisible to an unaidedhuman.

Optionally, the coded data is printed on the surface using at least oneof: an invisible ink; and, an infrared-absorptive ink.

Optionally, the coded data is provided substantially coincident withvisible human-readable information.

Optionally at least one coded data portion encodes the entire signature.

Optionally the entire signature is formed from a plurality of signatureparts, and wherein each coded data portion encodes a respectivesignature part.

Optionally, at least some of the coded data portions encode at least oneof: a location of the respective coded data portion; a position of therespective coded data portion on the surface; a size of the coded dataportions; a size of a signature; an identity of a signature part; and,units of indicated locations.

Optionally, the coded data includes at least one of: redundant data;data allowing error correction; Reed-Solomon data; and, CyclicRedundancy Check (CRC) data.

Optionally, the digital signature includes at least one of: a randomnumber associated with the identity; a keyed hash of at least theidentity; a keyed hash of at least the identity produced using a privatekey, and verifiable using a corresponding public key; cipher-textproduced by encrypting at least the identity; cipher-text produced byencrypting at least the identity and a random number; and, cipher-textproduced using a private key, and verifiable using a correspondingpublic key; and, cipher-text produced using RSA encryption.

Optionally, the security document is at least one of: a currency note; acheck; a credit or debit card; a redeemable ticket, voucher, or coupon;a lottery ticket or instant win ticket; and, an identity card ordocument, such as a driver's license or passport.

Optionally, the identity is indicative of at least one of: a currencynote attribute including at least one of: currency; issue country;denomination; note side; printing works; and serial number; a checkattribute including at least one of: currency; issuing institution;account number; serial number; expiry date; check value; and limit; acard attribute including at least one of: card type; issuinginstitution; account number; issue date; expiry date; and limit.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout including n identical sub-layouts rotated 1/n revolutions apartabout a centre of rotation, at least one sub-layout includingrotation-indicating data that distinguishes that sub-layout from eachother sub-layout.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout encoding orientation-indicating data comprising a sequence of aninteger multiple m of n symbols, where m is one or more, each encodedsymbol being distributed at n locations about a centre of rotationalsymmetry of the layout such that decoding the symbols at each of the norientations of the layout produces n representations of theorientation-indicating data, each representation comprising a differentcyclic shift of the orientation-indicating data and being indicative ofthe degree of rotation of the layout.

Optionally, the method is further used for tracking a security document,the method including, in a computer system: receiving indicating datafrom a sensing device, the sensing device being responsive to sensing ofthe coded data to generate indicating data indicative of the identity ofthe product item; and, updating, using the received indicating data,tracking data stored in a data store, tracking data being indicative of:the identity of the product item; and, tracking information.

Optionally, the sensing device includes: a housing adapted to be held bya user in use; a radiation source for exposing at least one coded dataportion; a sensor for sensing the at least one exposed coded dataportion; and, a processor for determining, using the at least one sensedcoded data portion, a sensed identity.

Optionally, the method is further used for determining a counterfeitsecurity document, each coded data portion being further indicative ofat least part of a signature, the signature being a digital signature ofat least part of the identity, wherein the method further includes: in asensing device: generating, using the sensed coded data portion,indicating data indicative of: the identity; and, at least one signaturepart; and, in a processor: determining, from the indicating data: adetermined identity; and, at least one determined signature part; and,determining if the security document is a counterfeit document using thedetermined identity and the at least one determined signature part.

Optionally, the method is used in a currency counter for countingcurrency documents, each currency document having disposed thereon ortherein coded data including a number of coded data portions, each codeddata portion being indicative of an identity of the currency document,the counter including: an input for receiving a number of currencydocuments to be counted; an output for providing counted currencydocuments; a feed mechanism for transporting currency documents from theinput to the output along a feed path; a sensor for sensing at least onecoded data portion for each currency document transported along the feedpath; and, a processor for: determining, from the at least one sensedcoded data portion, a sensed identity for each currency document;determining, from the sensed identity, a determined value for eachcurrency document; and, counting the currency documents using thedetermined values.

Optionally, the security document having a security feature, wherein themethod of providing the security document includes: creating thesecurity document; determining an identity associated with the securitydocument; generating a signature using the identity, the signature beinga digital signature of at least part of the identity; generating codeddata, the coded data including a number of coded data portions, eachcoded data portion being indicative of: the identity of the securitydocument; and, at least part of the signature; and, printing the codeddata on the security document.

Optionally, the security document being printed with a security feature,wherein the method of printing the security document includes: receivingthe security document; receiving identity data, the identity data beingat least partially indicative of an identity of the security document,the identity data being encrypted using a public key; determining theidentity by decrypting the received identity data using a secret keyassociated with the public key; generating a signature using thedetermined identity, the signature being a digital signature of at leastpart of the identity; generating coded data at least partiallyindicative of: the identity of the security document; and, at least partof the signature; and, printing the coded data on the security document.

Optionally, the method is used in a system for recording a transactionrelating to a security document, the system including a computer systemfor: receiving indicating data from a sensing device, the sensing devicebeing responsive to sensing of the coded data to generate indicatingdata at least partially indicative of: the identity of the securitydocument; and, the transaction; and, updating, using the receivedindicating data, transaction data stored in a data store, thetransaction data being indicative of: the identity of the securitydocument; and, the transaction.

Optionally, the method is further used for monitoring transactionsinvolving security documents, the method including, in a computer systemand following a transaction involving a security document: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of coded data to generate indicating data at leastpartially indicative of: the identity of the security document; and, thetransaction; updating, using the received indicating data, transactiondata stored in a data store, the transaction data being indicative of,for each of a number of security documents, performed transactions;comparing the transaction data to one or more predetermined patterns tothereby determine the presence or absence of a cash flow anomaly.

Optionally, the method includes using a security document database, thedatabase storing security document data including, for each of a numberof security documents: identity data, the identity data being at leastpartially indicative of an identity of the security document; attributedata, the attribute data being at least partially indicative of one ormore attributes of the security document; wherein, in use, the securitydocument database allows a computer system to: receive, from a sensingdevice, indicating data at least partially indicative of at least oneof: the identity; and one or more attributes; use the receivedindicating data and the security document data to perform an actionassociated with the security document.

Optionally, the method is further used for causing a computer system tomonitor transactions involving security documents, the method beingperformed using a set of instructions, each security document havingdisposed thereon or therein coded data including a number of coded dataportions, each coded data portion being indicative of at least anidentity of the security document, the set of instructions, whenexecuted by the computer system, causing the computer system to: receiveindicating data from a sensing device, the sensing device beingresponsive to sensing of coded data to generate indicating data at leastpartially indicative of: the identity of the security document; and, thetransaction; updating, using the received indicating data, transactiondata stored in a data store, the transaction data being indicative of:the identity of the security document; and, the transaction.

Optionally, the method is further used for counting currency documents,the method being performed using a set of instructions, each currencydocument having disposed therein or thereon at least one coded dataportion being indicative of at least an identity of the currencydocument, the currency counter having: an input for receiving a numberof currency documents to be counted; an output for providing countedcurrency documents; a feed mechanism for transporting currency documentsfrom the input to the output along a feed path; a sensor for sensing atleast one coded data portion for each currency document transportedalong the feed path; and, a processor, the set of instructions, whenexecuted by the processor, causing the processor to: determine, from theat least one sensed coded data portion, a sensed identity for eachcurrency document; determine, from the sensed identity, a determinedvalue for each currency document; and, count the currency documentsusing the determined values.

Optionally, the method is used in a processor for use in a device forauthenticating security documents, the coded data further being at leastpartially indicative of a signature, the signature being a digitalsignature of at least part of the identity, the processor being adaptedto: receive indicating data from a sensor in the device, the sensorbeing responsive to sensing of the coded data to generate indicatingdata at least partially indicative of: the identity; and, at least partof the signature; determine, from the indicating data, a determinedidentity and at least one determined signature part; and, authenticatethe security document using the determined identity and the at least onedetermined signature part.

Optionally, the method is further used for counting currency documents,each currency document having disposed thereon or therein coded dataincluding a plurality of coded data portions, each coded data portionbeing at least partially indicative of an identity of the currencydocument, the method including, in a sensing device: sensing at leastone coded data portion for each currency document; generating, using thesensed coded data portion, indicating data at least partially indicativeof the identity of each currency document; and, transferring theindicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, using the indicatingdata, a determined identity for each currency document; determine, usingeach determined identity, a value for each currency document; and, countthe currency documents using the determined values.

Optionally, the method further being used for authenticating andevaluating a currency document, the currency document having disposedthereon or therein coded data including a plurality of coded dataportions, the method including, in a sensing device: sensing at leastone coded data portion; generating, using the sensed coded data portion,indicating data at least partially indicative of: an identity of thecurrency document; and at least part of a signature, the signature beinga digital signature of at least part of the identity; and, transferringthe indicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, from the indicatingdata, a received identity, and a received signature part; authenticatethe currency document using the received identity and the receivedsignature part; and, in response to a successful authentication,determine, using the received identity, a value associated with thecurrency document.

Optionally, the security document includes anti-copy protection, theidentity being uniquely indicative of the respective security documentand being stored in a data store to allow for duplication of thesecurity document to be determined.

Optionally, the security document includes anti-forgery protection, eachcoded data portion being further indicative of at least part of asignature, the signature being formed by encrypting at least part of theidentity using a private key of public/private key pair, such that:valid security documents can only be created using the private key; and,validity of the security document can be confirmed using thecorresponding public key.

Optionally, the method is further used for recovering a stolen securitydocument, the method including in a computer system: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of the coded data to generate indicating data atleast partially indicative of the identity; determining, using theindicating data, a determined identity; accessing, using the determinedidentity, transaction data stored in a data store, the transaction databeing indicative of a security document status; determining, using thesecurity document status, if the security document is stolen; and, inresponse to a positive determination, causing the security document tobe recovered.

In another broad form the invention provides a method of determining aduplicated security document, the security document having disposedthereon or therein coded data including a number of coded data portions,each coded data portion being indicative of at least an identity of thesecurity document, and wherein the method includes, in a sensing device:sensing at least one coded data portion; generating, using the sensedcoded data portion, indicating data indicative of the identity of thesecurity document; transferring the indicating data to a computersystem, the computer system being responsive to the indicating data to:determine, from the indicating data, a determined identity; access,using the determined identity, tracking data indicative of: the identityof the security document; and, tracking information indicative of thelocation of the security document; and, determine, using the trackinginformation, if the security document is a possible duplicate.

Optionally, each coded data portion is indicative of at least part of asignature, the signature being a digital signature of at least part ofthe identity, and the entire signature is encoded within a plurality ofcoded data portions, and wherein the method includes, in the sensingdevice: sensing a plurality of coded data portions to thereby determine:a determined identity; and, a determined entire signature; generating,using the determined entire and a key, a generated identity; comparingthe generated identity to the determined identity; and, authenticatingthe security document using the results of the comparison to therebydetermine if the document is a counterfeit.

In a fifth broad form the invention provides a currency counter forcounting currency documents, each currency document having disposedthereon or therein coded data including a number of coded data portions,each coded data portion being indicative of an identity of the currencydocument, the counter including: an input for receiving a number ofcurrency documents to be counted; an output for providing countedcurrency documents; a feed mechanism for transporting currency documentsfrom the input to the output along a feed path, a sensor for sensing atleast one coded data portion for each currency document transportedalong the feed path; and, a processor for: determining, from the atleast one sensed coded data portion, a sensed identity for each currencydocument; determining, from the sensed identity, a determined value foreach currency document; and, counting the currency documents using thedetermined values.

Optionally, the counter further includes a number of outputs, andwherein the processor controls the feed mechanism to thereby transportcurrency documents to the outputs using the determined value for thecurrency document.

Optionally, the each coded data portion is indicative of at least partof a signature, the signature being a digital signature of at least partof the identity, and wherein the processor: determines, from the atleast one sensed coded data portion, at least one sensed signature part;and, determines if the currency document is a counterfeit document usingthe sensed identity and the at least one sensed signature part.

Optionally, the currency counter includes a second output, and whereinthe processor controls the feed mechanism to thereby transportcounterfeit currency documents to the second output.

Optionally, the processor: accesses a data store, using the sensedidentity, to determine a stored signature part; compares the storedsignature part to the at least one sensed signature part; and,authenticates the currency document using the results of the comparisonto thereby determine if the document is a counterfeit.

Optionally, the processor: generates, using the sensed identity and akey, at least a generated signature part; compares the generatedsignature part to the at least one sensed signature part; and,authenticates the currency document using the results of the comparisonto thereby determine if the document is a counterfeit.

Optionally, the entire signature is encoded within a plurality of codeddata portions, and wherein the processor: determines, from a pluralityof sensed coded data portions, a plurality of sensed signature partsrepresenting the entire signature; generates, using the plurality ofsensed signature parts and a key, a generated identity; compares thegenerated identity to the sensed identity; and, authenticates thecurrency document using the results of the comparison to therebydetermine if the document is a counterfeit. 8. A currency counteraccording to claim 3, wherein the signature is a digital signature of atleast part of the identity and at least part of predetermined padding,the padding being at least one of: a predetermined number; and, a randomnumber.

Optionally, the coded data includes a plurality of layouts, each layoutdefining the position of a plurality of first symbols encoding theidentity, and a plurality of second symbols defining at least part ofthe signature.

Optionally, the processor: accesses, using the sensed identity, trackingdata indicative of, for each of a number of existing currency documents:the identity of the currency document; and, tracking informationindicative of the location of the currency document; at least one of:determines, using the tracking information, if the currency document isa duplicate of one of the existing currency documents; and, updates thetracking information.

Optionally, the counter includes a communications system, and whereinthe processor includes a first processor part provided in a counterhousing and a second remote processor part coupled to the firstprocessor part via the communications system, and wherein the firstprocessor part: generates indicating data indicative of at least one of:the sensed identity; and, at least one sensed signature part; transfersthe indicating data to a second processor part via the communicationssystem, and wherein the second processor part is responsive to theindicating data to perform at least one of: determination of a valueassociated with the currency document; and, determination of whether thecurrency document is a counterfeit document.

Optionally, the coded data is substantially invisible to an unaidedhuman.

Optionally, the coded data is printed on the surface using at least oneof: an invisible ink; and, an infrared-absorptive ink.

Optionally, the coded data is provided substantially coincident withvisible human-readable information.

Optionally at least one coded data portion encodes the entire signature.

Optionally the entire signature is formed from a plurality of signatureparts, and wherein each coded data portion encodes a respectivesignature part.

Optionally, at least some of the coded data portions encode at least oneof: a location of the respective coded data portion; a position of therespective coded data portion on the surface; a size of the coded dataportions; a size of a signature; an identity of a signature part; and,units of indicated locations.

Optionally, the coded data includes at least one of: redundant data;data allowing error correction; Reed-Solomon data; and, CyclicRedundancy Check (CRC) data.

Optionally, the digital signature includes at least one of: a randomnumber associated with the identity; a keyed hash of at least theidentity; a keyed hash of at least the identity produced using a privatekey, and verifiable using a corresponding public key; cipher-textproduced by encrypting at least the identity; cipher-text produced byencrypting at least the identity and a random number; and, cipher-textproduced using a private key, and verifiable using a correspondingpublic key; and, cipher-text produced using RSA encryption.

Optionally, the currency document is at least one of: a currency note;and, a check, and wherein the identity is indicative of at least one of:a currency note attribute including at least one of: currency; issuecountry; denomination; note side; printing works; and serial number;and, a check attribute including at least one of: currency; issuinginstitution; account number; serial number; expiry date; check value;and limit.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout including n identical sub-layouts rotated 1/n revolutions apartabout a centre of rotation, at least one sub-layout includingrotation-indicating data that distinguishes that sub-layout from eachother sub-layout.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout encoding orientation-indicating data comprising a sequence of aninteger multiple m of n symbols, where m is one or more, each encodedsymbol being distributed at n locations about a centre of rotationalsymmetry of the layout such that decoding the symbols at each of the norientations of the layout produces n representations of theorientation-indicating data, each representation comprising a differentcyclic shift of the orientation-indicating data and being indicative ofthe degree of rotation of the layout.

Optionally, the currency counter further performs a method of tracking asecurity document, the security document having disposed thereon ortherein coded data including a number of coded data portions, each codeddata portion being indicative of an identity of the security document,the method including, in a computer system: receiving indicating datafrom a sensing device, the sensing device being responsive to sensing ofthe coded data to generate indicating data indicative of the identity ofthe product item; and, updating, using the received indicating data,tracking data stored in a data store, tracking data being indicative of:the identity of the product item; and, tracking information.

Optionally, the currency counter further includes a sensing device foruse with a security document, the security document having disposedthereon or therein coded data including a number of coded data portions,each coded data portion being indicative of an identity of the securitydocument, the sensing device including: a housing adapted to be held bya user in use; a radiation source for exposing at least one coded dataportion; a sensor for sensing the at least one exposed coded dataportion; and, a processor for determining, using the at least one sensedcoded data portion, a sensed identity.

Optionally, the currency counter further performs a method ofdetermining a counterfeit security document, the security documenthaving disposed thereon or therein coded data including a number ofcoded data portions, each coded data portion being indicative of: anidentity of the security document; and, at least part of a signature,the signature being a digital signature of at least part of theidentity; wherein the method includes: in a sensing device: sensing atleast one coded data portion; and, generating, using the sensed codeddata portion, indicating data indicative of: the identity; and, at leastone signature part; in a processor: determining, from the indicatingdata: a determined identity; and, at least one determined signaturepart; determining if the security document is a counterfeit documentusing the determined identity and the at least one determined signaturepart.

Optionally, the currency counter further performs a method ofdetermining a possible duplicated security document, the securitydocument having disposed thereon or therein coded data including anumber of coded data portions, each coded data portion being indicativeof at least an identity of the security document, and wherein the methodincludes, in a computer system: receiving indicating data from a sensingdevice, the sensing device being responsive to sensing of the coded datato generate indicating data indicative of the identity of the securitydocument; determining, from the indicating data, a determined identity;accessing, using the determined identity, tracking data indicative of:the identity of the security document; and, tracking informationindicative of the location of the security document; and, determining,using the tracking information, if the security document is a possibleduplicate.

Optionally, the currency counter further performs a method of providinga security document having a security feature, the method including:creating the security document; determining an identity associated withthe security document; generating a signature using the identity, thesignature being a digital signature of at least part of the identity;generating coded data, the coded data including a number of coded dataportions, each coded data portion being indicative of: the identity ofthe security document; and, at least part of the signature; and,printing the coded data on the security document.

Optionally, the currency counter further performs a method of printing asecurity document having a security feature, the method including:receiving the security document; receiving identity data, the identitydata being at least partially indicative of an identity of the securitydocument, the identity data being encrypted using a public key;determining the identity by decrypting the received identity data usinga secret key associated with the public key; generating a signatureusing the determined identity, the signature being a digital signatureof at least part of the identity; generating coded data at leastpartially indicative of: the identity of the security document; and, atleast part of the signature; and, printing the coded data on thesecurity document.

Optionally, the currency counter further includes a system for recordinga transaction relating to a security document, the security documenthaving disposed thereon or therein coded data including a number ofcoded data portions, each coded data portion being indicative of atleast an identity of the security document, the system including acomputer system for: receiving indicating data from a sensing device,the sensing device being responsive to sensing of the coded data togenerate indicating data at least partially indicative of: the identityof the security document; and, the transaction; and, updating, using thereceived indicating data, transaction data stored in a data store, thetransaction data being indicative of: the identity of the securitydocument; and, the transaction.

Optionally, the currency counter further performs a method formonitoring transactions involving security documents, each securitydocument having disposed thereon or therein coded data including anumber of coded data portions, each coded data portion being indicativeof at least an identity of the security document, the method including,in a computer system and following a transaction involving a securitydocument: receiving indicating data from a sensing device, the sensingdevice being responsive to sensing of coded data to generate indicatingdata at least partially indicative of: the identity of the securitydocument; and, the transaction; updating, using the received indicatingdata, transaction data stored in a data store, the transaction databeing indicative of, for each of a number of security documents,performed transactions; comparing the transaction data to one or morepredetermined patterns to thereby determine the presence or absence of acash flow anomaly.

Optionally, the currency counter further uses a security documentdatabase, the database storing security document data including, foreach of a number of security documents: identity data, the identity databeing at least partially indicative of an identity of the securitydocument; attribute data, the attribute data being at least partiallyindicative of one or more attributes of the security document; wherein,in use, the security document database allows a computer system to:receive, from a sensing device, indicating data at least partiallyindicative of at least one of: the identity; and one or more attributes;use the received indicating data and the security document data toperform an action associated with the security document.

Optionally, the currency counter further includes A set of instructionsfor causing a computer system to monitor transactions involving securitydocuments, each security document having disposed thereon or thereincoded data including a number of coded data portions, each coded dataportion being indicative of at least an identity of the securitydocument, the set of instructions, when executed by the computer system,causing the computer system to: receive indicating data from a sensingdevice, the sensing device being responsive to sensing of coded data togenerate indicating data at least partially indicative of: the identityof the security document; and, the transaction; updating, using thereceived indicating data, transaction data stored in a data store, thetransaction data being indicative of: the identity of the securitydocument; and, the transaction.

Optionally, the currency counter further includes a set of instructionsfor a currency counter, the currency counter being used for countingcurrency documents where each currency document having disposed thereinor thereon at least one coded data portion being indicative of at leastan identity of the currency document, the currency counter having: aninput for receiving a number of currency documents to be counted; anoutput for providing counted currency documents; a feed mechanism fortransporting currency documents from the input to the output along afeed path; a sensor for sensing at least one coded data portion for eachcurrency document transported along the feed path; and, a processor, theset of instructions, when executed by the processor, causing theprocessor to: determine, from the at least one sensed coded dataportion, a sensed identity for each currency document; determine, fromthe sensed identity, a determined value for each currency document; and,count the currency documents using the determined values.

Optionally, the currency counter further includes a processor for use ina device for authenticating security documents, the security documenthaving disposed thereon or therein coded data at least partiallyindicative of an identity of the security document and a signature, thesignature being a digital signature of at least part of the identity,the processor being adapted to: receive indicating data from a sensor inthe device, the sensor being responsive to sensing of the coded data togenerate indicating data at least partially indicative of: the identity;and, at least part of the signature; determine, from the indicatingdata, a determined identity and at least one determined signature part;and, authenticate the security document using the determined identityand the at least one determined signature part.

Optionally, the currency counter further performs a method of countingcurrency documents, each currency document having disposed thereon ortherein coded data including a plurality of coded data portions, eachcoded data portion being at least partially indicative of an identity ofthe currency document, the method including, in a sensing device:sensing at least one coded data portion for each currency document;generating, using the sensed coded data portion, indicating data atleast partially indicative of the identity of each currency document;and, transferring the indicating data to a computer system, the computersystem being responsive to the indicating data to: determine, using theindicating data, a determined identity for each currency document;determine, using each determined identity, a value for each currencydocument; and, count the currency documents using the determined values.

Optionally, the currency counter further performs a method forauthenticating and evaluating a currency document, the currency documenthaving disposed thereon or therein coded data including a plurality ofcoded data portions, the method including, in a sensing device: sensingat least one coded data portion; generating, using the sensed coded dataportion, indicating data at least partially indicative of: an identityof the currency document; and at least part of a signature, thesignature being a digital signature of at least part of the identity;and, transferring the indicating data to a computer system, the computersystem being responsive to the indicating data to: determine, from theindicating data, a received identity, and a received signature part;authenticate the currency document using the received identity and thereceived signature part; and, in response to a successfulauthentication, determine, using the received identity, a valueassociated with the currency document.

Optionally, at least one currency document includes anti-copyprotection, the security document having disposed thereon or thereincoded data including a number of coded data portions, each coded dataportion being indicative of an identity, the identity being uniquelyindicative of the respective security document and being stored in adata store to allow for duplication of the security document to bedetermined.

Optionally, at least one currency document includes anti-forgeryprotection, the security document having disposed thereon or thereincoded data including a plurality of coded data portions, each coded dataportion being indicative of: an identity of the currency document; andat least part of a signature, the signature being formed by encryptingat least part of the identity using a private key of public/private keypair, such that: valid security documents can only be created using theprivate key; and, validity of the security document can be confirmedusing the corresponding public key.

Optionally, the currency counter further performs a method of recoveringa stolen security document, the security document having disposedthereon or therein coded data including a number of coded data portions,each coded data portion being indicative of at least an identity of thesecurity document, the method including in a computer system: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of the coded data to generate indicating data atleast partially indicative of the identity; determining, using theindicating data, a determined identity; accessing, using the determinedidentity, transaction data stored in a data store, the transaction databeing indicative of a security document status; determining, using thesecurity document status, if the security document is stolen; and, inresponse to a positive determination, causing the security document tobe recovered.

In a sixth broad form the invention provides a method of providing asecurity document having a security feature, the method including:creating the security document; determining an identity associated withthe security document; generating a signature using the identity, thesignature being a digital signature of at least part of the identity;generating coded data, the coded data including a number of coded dataportions, each coded data portion being indicative of: the identity ofthe security document; and, at least part of the signature; and,printing the coded data on the security document.

Optionally, the method includes generating the signature using a secretkey, the secret key being known only to authorised document producers.

Optionally, the method includes printing the coded data using a printer,the printer including a processor and a secure data store, and whereinthe method includes causing the processor to generate the signatureusing a secret key stored in the data store.

Optionally, the security document includes visible information, andwherein the method includes: determining a layout; and, printing thecoded data using the layout, at least some of the coded data beingsubstantially coincident with at least some of the visible information.

Optionally, the security document includes visible information, andwherein the method includes: determining a layout; and, printing thecoded data and the visible information using the layout.

Optionally, the method includes updating tracking data stored in a datastore, the tracking data being indicative of: the identity of theproduct item; and, tracking information indicative of at least one of: adate of creation of the security document; a creator of the securitydocument; a current location of the security document; an intendeddestination for the security document; and, a date of expiry for thesecurity document.

Optionally, the method includes: receiving the security document;scanning the security document to determine information indicative of atleast one of: a source of the security document; a security documenttype; and, a value associated with the security document; and,determining the identity using the determined information.

Optionally, the signature is a digital signature of at least part of theidentity and at least part of predetermined padding, the padding beingat least one of: a predetermined number; and, a random number.

Optionally, the method includes encoding the entire signature within aplurality of coded data portions.

Optionally, the coded data includes a plurality of layouts, each layoutdefining the position of a plurality of first symbols encoding theidentity, and a plurality of second symbols defining at least part ofthe signature.

Optionally, the coded data is substantially invisible to an unaidedhuman.

Optionally, the coded data is printed on the surface using at least oneof: an invisible ink; and, an infrared-absorptive ink.

Optionally, the coded data is provided substantially coincident withvisible human-readable information.

Optionally at least one coded data portion encodes the entire signature.

Optionally the entire signature is formed from a plurality of signatureparts, and wherein each coded data portion encodes a respectivesignature part.

Optionally, at least some of the coded data portions encode at least oneof: a location of the respective coded data portion; a position of therespective coded data portion on the surface; a size of the coded dataportions; a size of a signature; an identity of a signature part; and,units of indicated locations.

Optionally, the coded data includes at least one of: redundant data;data allowing error correction; Reed-Solomon data; and, CyclicRedundancy Check (CRC) data.

Optionally, the digital signature includes at least one of: a randomnumber associated with the identity; a keyed hash of at least theidentity; a keyed hash of at least the identity produced using a privatekey, and verifiable using a corresponding public key; cipher-textproduced by encrypting at least the identity; cipher-text produced byencrypting at least the identity and a random number; and, cipher-textproduced using a private key, and verifiable using a correspondingpublic key; and, cipher-text produced using RSA encryption.

Optionally, the security document is at least one of: a currency note; acheck; a credit or debit card; a redeemable ticket, voucher, or coupon;a lottery ticket or instant win ticket; and, an identity card ordocument, such as a driver's license or passport.

Optionally, the identity is indicative of at least one of: a currencynote attribute including at least one of: currency; issue country;denomination; note side; printing works; and serial number; a checkattribute including at least one of: currency; issuing institution;account number; serial number; expiry date; check value; and limit; acard attribute including at least one of: card type; issuinginstitution; account number; issue date; expiry date; and limit.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout including n identical sub-layouts rotated 1/n revolutions apartabout a centre of rotation, at least one sub-layout includingrotation-indicating data that distinguishes that sub-layout from eachother sub-layout.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout encoding orientation-indicating data comprising a sequence of aninteger multiple m of n symbols, where m is one or more, each encodedsymbol being distributed at n locations about a centre of rotationalsymmetry of the layout such that decoding the symbols at each of the norientations of the layout produces n representations of theorientation-indicating data, each representation comprising a differentcyclic shift of the orientation-indicating data and being indicative ofthe degree of rotation of the layout.

Optionally, the method is further used for tracking a security document,the method including, in a computer system: receiving indicating datafrom a sensing device, the sensing device being responsive to sensing ofthe coded data to generate indicating data indicative of the identity ofthe product item; and, updating, using the received indicating data,tracking data stored in a data store, tracking data being indicative of:the identity of the product item; and, tracking information.

Optionally, the sensing device includes: a housing adapted to be held bya user in use; a radiation source for exposing at least one coded dataportion; a sensor for sensing the at least one exposed coded dataportion; and, a processor for determining, using the at least one sensedcoded data portion, a sensed identity.

Optionally, the method is further used for determining a counterfeitsecurity document, each coded data portion being further indicative ofat least part of a signature, the signature being a digital signature ofat least part of the identity, wherein the method further includes: in asensing device: generating, using the sensed coded data portion,indicating data indicative of: the identity; and, at least one signaturepart; and, in a processor: determining, from the indicating data: adetermined identity; and, at least one determined signature part; and,determining if the security document is a counterfeit document using thedetermined identity and the at least one determined signature part.

Optionally, the method is further used for determining a possibleduplicated security document, wherein the method includes, in a computersystem: receiving indicating data from a sensing device, the sensingdevice being responsive to sensing of the coded data to generateindicating data indicative of the identity of the security document;determining, from the indicating data, a determined identity; accessing,using the determined identity, tracking data indicative of: the identityof the security document; and, tracking information indicative of thelocation of the security document; and, determining, using the trackinginformation, if the security document is a possible duplicate.

Optionally, the method is used in a currency counter for countingcurrency documents, each currency document having disposed thereon ortherein coded data including a number of coded data portions, each codeddata portion being indicative of an identity of the currency document,the counter including: an input for receiving a number of currencydocuments to be counted; an output for providing counted currencydocuments; a feed mechanism for transporting currency documents from theinput to the output along a feed path; a sensor for sensing at least onecoded data portion for each currency document transported along the feedpath; and, a processor for: determining, from the at least one sensedcoded data portion, a sensed identity for each currency document;determining, from the sensed identity, a determined value for eachcurrency document; and, counting the currency documents using thedetermined values.

Optionally, the security document being printed with a security feature,wherein the method of printing the security document includes: receivingthe security document; receiving identity data, the identity data beingat least partially indicative of an identity of the security document,the identity data being encrypted using a public key; determining theidentity by decrypting the received identity data using a secret keyassociated with the public key; generating a signature using thedetermined identity, the signature being a digital signature of at leastpart of the identity; generating coded data at least partiallyindicative of: the identity of the security document; and, at least partof the signature; and, printing the coded data on the security document.

Optionally, the method is used in a system for recording a transactionrelating to a security document, the system including a computer systemfor: receiving indicating data from a sensing device, the sensing devicebeing responsive to sensing of the coded data to generate indicatingdata at least partially indicative of: the identity of the securitydocument; and, the transaction; and, updating, using the receivedindicating data, transaction data stored in a data store, thetransaction data being indicative of: the identity of the securitydocument; and, the transaction.

Optionally, the method is further used for monitoring transactionsinvolving security documents, the method including, in a computer systemand following a transaction involving a security document: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of coded data to generate indicating data at leastpartially indicative of: the identity of the security document; and, thetransaction; updating, using the received indicating data, transactiondata stored in a data store, the transaction data being indicative of,for each of a number of security documents, performed transactions;comparing the transaction data to one or more predetermined patterns tothereby determine the presence or absence of a cash flow anomaly.

Optionally, the method includes using a security document database, thedatabase storing security document data including, for each of a numberof security documents: identity data, the identity data being at leastpartially indicative of an identity of the security document; attributedata, the attribute data being at least partially indicative of one ormore attributes of the security document; wherein, in use, the securitydocument database allows a computer system to: receive, from a sensingdevice, indicating data at least partially indicative of at least oneof: the identity; and one or more attributes; use the receivedindicating data and the security document data to perform an actionassociated with the security document.

Optionally, the method is further used for causing a computer system tomonitor transactions involving security documents, the method beingperformed using a set of instructions, each security document havingdisposed thereon or therein coded data including a number of coded dataportions, each coded data portion being indicative of at least anidentity of the security document, the set of instructions, whenexecuted by the computer system, causing the computer system to: receiveindicating data from a sensing device, the sensing device beingresponsive to sensing of coded data to generate indicating data at leastpartially indicative of: the identity of the security document; and, thetransaction; updating, using the received indicating data, transactiondata stored in a data store, the transaction data being indicative of:the identity of the security document; and, the transaction.

Optionally, the method is further used for counting currency documents,the method being performed using a set of instructions, each currencydocument having disposed therein or thereon at least one coded dataportion being indicative of at least an identity of the currencydocument, the currency counter having: an input for receiving a numberof currency documents to be counted; an output for providing countedcurrency documents; a feed mechanism for transporting currency documentsfrom the input to the output along a feed path; a sensor for sensing atleast one coded data portion for each currency document transportedalong the feed path; and, a processor, the set of instructions, whenexecuted by the processor, causing the processor to: determine, from theat least one sensed coded data portion, a sensed identity for eachcurrency document; determine, from the sensed identity, a determinedvalue for each currency document; and, count the currency documentsusing the determined values.

Optionally, the method is used in a processor for use in a device forauthenticating security documents, the coded data further being at leastpartially indicative of a signature, the signature being a digitalsignature of at least part of the identity, the processor being adaptedto: receive indicating data from a sensor in the device, the sensorbeing responsive to sensing of the coded data to generate indicatingdata at least partially indicative of: the identity; and, at least partof the signature; determine, from the indicating data, a determinedidentity and at least one determined signature part; and, authenticatethe security document using the determined identity and the at least onedetermined signature part.

Optionally, the method is further used for counting currency documents,each currency document having disposed thereon or therein coded dataincluding a plurality of coded data portions, each coded data portionbeing at least partially indicative of an identity of the currencydocument, the method including, in a sensing device: sensing at leastone coded data portion for each currency document; generating, using thesensed coded data portion, indicating data at least partially indicativeof the identity of each currency document; and, transferring theindicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, using the indicatingdata, a determined identity for each currency document; determine, usingeach determined identity, a value for each currency document; and, countthe currency documents using the determined values.

Optionally, the method further being used for authenticating andevaluating a currency document, the currency document having disposedthereon or therein coded data including a plurality of coded dataportions, the method including, in a sensing device: sensing at leastone coded data portion; generating, using the sensed coded data portion,indicating data at least partially indicative of: an identity of thecurrency document; and at least part of a signature, the signature beinga digital signature of at least part of the identity; and, transferringthe indicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, from the indicatingdata, a received identity, and a received signature part; authenticatethe currency document using the received identity and the receivedsignature part; and, in response to a successful authentication,determine, using the received identity, a value associated with thecurrency document.

Optionally, the security document includes anti-copy protection, theidentity being uniquely indicative of the respective security documentand being stored in a data store to allow for duplication of thesecurity document to be determined.

Optionally, the security document includes anti-forgery protection, eachcoded data portion being further indicative of at least part of asignature, the signature being formed by encrypting at least part of theidentity using a private key of public/private key pair, such that:valid security documents can only be created using the private key; and,validity of the security document can be confirmed using thecorresponding public key.

Optionally, the method is further used for recovering a stolen securitydocument, the method including in a computer system: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of the coded data to generate indicating data atleast partially indicative of the identity; determining, using theindicating data, a determined identity; accessing, using the determinedidentity, transaction data stored in a data store, the transaction databeing indicative of a security document status; determining, using thesecurity document status, if the security document is stolen; and, inresponse to a positive determination, causing the security document tobe recovered. In a seventh broad form the invention provides a method ofprinting a security document having a security feature, the methodincluding: receiving the security document; receiving identity data, theidentity data being at least partially indicative of an identity of thesecurity document, the identity data being encrypted using a public key;determining the identity by decrypting the received identity data usinga secret key associated with the public key; generating a signatureusing the determined identity, the signature being a digital signatureof at least part of the identity; generating coded data at leastpartially indicative of: the identity of the security document; and, atleast part of the signature; and, printing the coded data on thesecurity document.

Optionally, the security document includes visible information, andwherein the method includes overprinting the coded data on the visibleinformation.

Optionally, a secure data store is used for storing document data andwhere the method includes generating the signature using the data storedin the data store.

Optionally, the method includes encoding the entire signature within aplurality of coded data portions.

Optionally, the method includes: determining a layout, the layout beingat least one of: a coded data layout, the layout being indicative of theposition of each coded data portion on the security document; and, adocument description, the document description being indicative of theposition of the visible information on the packaging; and, prints, usingthe layout, at least one of the coded data and the visible information.

Optionally, a communication system is used for communicating with adatabase, the database storing data relating the security, including atleast one of: a currency note attribute including at least one of:currency; issue country; denomination; note side; printing works; andserial number; a check attribute including at least one of: currency;issuing institution; account number; serial number; expiry date; checkvalue; and limit; a card attribute including at least one of: card type;issuing institution; account number; issue date; expiry date; and limit.

Optionally, the method includes, at least one of: updating at least someof the data relating to the security document; and, generating the codeddata using at least some of the data relating to the security.

Optionally, the signature is a digital signature of at least part of theidentity and at least part of predetermined padding, the padding beingat least one of: a predetermined number; and, a random number.

Optionally, the coded data includes a plurality of layouts, each layoutdefining the position of a plurality of first symbols encoding theidentity, and a plurality of second symbols defining at least part ofthe signature.

Optionally, the coded data is substantially invisible to an unaidedhuman.

Optionally, the coded data is printed on the surface using at least oneof: an invisible ink; and, an infrared-absorptive ink.

Optionally, the coded data is provided substantially coincident withvisible human-readable information.

Optionally at least one coded data portion encodes the entire signature.

Optionally the entire signature is formed from a plurality of signatureparts, and wherein each coded data portion encodes a respectivesignature part.

Optionally, at least some of the coded data portions encode at least oneof: a location of the respective coded data portion; a position of therespective coded data portion on the surface; a size of the coded dataportions; a size of a signature; an identity of a signature part; and,units of indicated locations.

Optionally, the coded data includes at least one of: redundant data;data allowing error correction; Reed-Solomon data; and, CyclicRedundancy Check (CRC) data.

Optionally, the digital signature includes at least one of: a randomnumber associated with the identity; a keyed hash of at least theidentity; a keyed hash of at least the identity produced using a privatekey, and verifiable using a corresponding public key; cipher-textproduced by encrypting at least the identity; cipher-text produced byencrypting at least the identity and a random number; and, cipher-textproduced using a private key, and verifiable using a correspondingpublic key; and, cipher-text produced using RSA encryption.

Optionally, the security document is at least one of: a currency note; acheck; a credit or debit card; a redeemable ticket, voucher, or coupon;a lottery ticket or instant win ticket; and, an identity card ordocument, such as a driver's license or passport.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout including n identical sub-layouts rotated 1/n revolutions apartabout a centre of rotation, at least one sub-layout includingrotation-indicating data that distinguishes that sub-layout from eachother sub-layout.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout encoding orientation-indicating data comprising a sequence of aninteger multiple m of n symbols, where m is one or more, each encodedsymbol being distributed at n locations about a centre of rotationalsymmetry of the layout such that decoding the symbols at each of the norientations of the layout produces n representations of theorientation-indicating data, each representation comprising a differentcyclic shift of the orientation-indicating data and being indicative ofthe degree of rotation of the layout.

Optionally, the method is further used for tracking a security document,the method including, in a computer system: receiving indicating datafrom a sensing device, the sensing device being responsive to sensing ofthe coded data to generate indicating data indicative of the identity ofthe product item; and, updating, using the received indicating data,tracking data stored in a data store, tracking data being indicative of:the identity of the product item; and, tracking information.

Optionally, the sensing device includes: a housing adapted to be held bya user in use; a radiation source for exposing at least one coded dataportion; a sensor for sensing the at least one exposed coded dataportion; and, a processor for determining, using the at least one sensedcoded data portion, a sensed identity.

Optionally, the method is further used for determining a counterfeitsecurity document, each coded data portion being further indicative ofat least part of a signature, the signature being a digital signature ofat least part of the identity, wherein the method further includes: in asensing device: generating, using the sensed coded data portion,indicating data indicative of: the identity; and, at least one signaturepart; and, in a processor: determining, from the indicating data: adetermined identity; and, at least one determined signature part; and,determining if the security document is a counterfeit document using thedetermined identity and the at least one determined signature part.

Optionally, the method is further used for determining a possibleduplicated security document, wherein the method includes, in a computersystem: receiving indicating data from a sensing device, the sensingdevice being responsive to sensing of the coded data to generateindicating data indicative of the identity of the security document;determining, from the indicating data, a determined identity; accessing,using the determined identity, tracking data indicative of: the identityof the security document; and, tracking information indicative of thelocation of the security document; and, determining, using the trackinginformation, if the security document is a possible duplicate.

Optionally, the method is used in a currency counter for countingcurrency documents, each currency document having disposed thereon ortherein coded data including a number of coded data portions, each codeddata portion being indicative of an identity of the currency document,the counter including: an input for receiving a number of currencydocuments to be counted; an output for providing counted currencydocuments; a feed mechanism for transporting currency documents from theinput to the output along a feed path; a sensor for sensing at least onecoded data portion for each currency document transported along the feedpath; and, a processor for: determining, from the at least one sensedcoded data portion, a sensed identity for each currency document;determining, from the sensed identity, a determined value for eachcurrency document; and, counting the currency documents using thedetermined values.

Optionally, the security document having a security feature, wherein themethod of providing the security document includes: creating thesecurity document; determining an identity associated with the securitydocument; generating a signature using the identity, the signature beinga digital signature of at least part of the identity; generating codeddata, the coded data including a number of coded data portions, eachcoded data portion being indicative of: the identity of the securitydocument; and, at least part of the signature; and, printing the codeddata on the security document.

Optionally, the method is used in a system for recording a transactionrelating to a security document, the system including a computer systemfor: receiving indicating data from a sensing device, the sensing devicebeing responsive to sensing of the coded data to generate indicatingdata at least partially indicative of: the identity of the securitydocument; and, the transaction; and, updating, using the receivedindicating data, transaction data stored in a data store, thetransaction data being indicative of: the identity of the securitydocument; and, the transaction.

Optionally, the method is further used for monitoring transactionsinvolving security documents, the method including, in a computer systemand following a transaction involving a security document: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of coded data to generate indicating data at leastpartially indicative of: the identity of the security document; and, thetransaction; updating, using the received indicating data, transactiondata stored in a data store, the transaction data being indicative of,for each of a number of security documents, performed transactions;comparing the transaction data to one or more predetermined patterns tothereby determine the presence or absence of a cash flow anomaly.

Optionally, the method includes using a security document database, thedatabase storing security document data including, for each of a numberof security documents: identity data, the identity data being at leastpartially indicative of an identity of the security document; attributedata, the attribute data being at least partially indicative of one ormore attributes of the security document; wherein, in use, the securitydocument database allows a computer system to: receive, from a sensingdevice, indicating data at least partially indicative of at least oneof: the identity; and one or more attributes; use the receivedindicating data and the security document data to perform an actionassociated with the security document.

Optionally, the method is further used for causing a computer system tomonitor transactions involving security documents, the method beingperformed using a set of instructions, each security document havingdisposed thereon or therein coded data including a number of coded dataportions, each coded data portion being indicative of at least anidentity of the security document, the set of instructions, whenexecuted by the computer system, causing the computer system to: receiveindicating data from a sensing device, the sensing device beingresponsive to sensing of coded data to generate indicating data at leastpartially indicative of: the identity of the security document; and, thetransaction; updating, using the received indicating data, transactiondata stored in a data store, the transaction data being indicative of:the identity of the security document; and, the transaction.

Optionally, the method is further used for counting currency documents,the method being performed using a set of instructions, each currencydocument having disposed therein or thereon at least one coded dataportion being indicative of at least an identity of the currencydocument, the currency counter having: an input for receiving a numberof currency documents to be counted; an output for providing countedcurrency documents; a feed mechanism for transporting currency documentsfrom the input to the output along a feed path; a sensor for sensing atleast one coded data portion for each currency document transportedalong the feed path; and, a processor, the set of instructions, whenexecuted by the processor, causing the processor to: determine, from theat least one sensed coded data portion, a sensed identity for eachcurrency document; determine, from the sensed identity, a determinedvalue for each currency document; and, count the currency documentsusing the determined values.

Optionally, the method is used in a processor for use in a device forauthenticating security documents, the coded data further being at leastpartially indicative of a signature, the signature being a digitalsignature of at least part of the identity, the processor being adaptedto: receive indicating data from a sensor in the device, the sensorbeing responsive to sensing of the coded data to generate indicatingdata at least partially indicative of: the identity; and, at least partof the signature; determine, from the indicating data, a determinedidentity and at least one determined signature part; and, authenticatethe security document using the determined identity and the at least onedetermined signature part.

Optionally, the method is further used for counting currency documents,each currency document having disposed thereon or therein coded dataincluding a plurality of coded data portions, each coded data portionbeing at least partially indicative of an identity of the currencydocument, the method including, in a sensing device: sensing at leastone coded data portion for each currency document; generating, using thesensed coded data portion, indicating data at least partially indicativeof the identity of each currency document; and, transferring theindicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, using the indicatingdata, a determined identity for each currency document; determine, usingeach determined identity, a value for each currency document; and, countthe currency documents using the determined values.

Optionally, the method further being used for authenticating andevaluating a currency document, the currency document having disposedthereon or therein coded data including a plurality of coded dataportions, the method including, in a sensing device: sensing at leastone coded data portion; generating, using the sensed coded data portion,indicating data at least partially indicative of: an identity of thecurrency document; and at least part of a signature, the signature beinga digital signature of at least part of the identity; and, transferringthe indicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, from the indicatingdata, a received identity, and a received signature part; authenticatethe currency document using the received identity and the receivedsignature part; and, in response to a successful authentication,determine, using the received identity, a value associated with thecurrency document.

Optionally, the security document includes anti-copy protection, theidentity being uniquely indicative of the respective security documentand being stored in a data store to allow for duplication of thesecurity document to be determined.

Optionally, the security document includes anti-forgery protection, eachcoded data portion being further indicative of at least part of asignature, the signature being formed by encrypting at least part of theidentity using a private key of public/private key pair, such that:valid security documents can only be created using the private key; and,validity of the security document can be confirmed using thecorresponding public key.

Optionally, the method is further used for recovering a stolen securitydocument, the method including in a computer system: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of the coded data to generate indicating data atleast partially indicative of the identity; determining, using theindicating data, a determined identity; accessing, using the determinedidentity, transaction data stored in a data store, the transaction databeing indicative of a security document status; determining, using thesecurity document status, if the security document is stolen; and, inresponse to a positive determination, causing the security document tobe recovered.

In another broad form the invention provides a printer for printing asecurity document having a security feature, the printer being for:receiving the security document; receiving identity data, the identitydata being at least partially indicative of an identity of the securitydocument, the identity data being encrypted using a public key;determining the identity by decrypting the received identity data usinga secret key associated with the public key; generating a signatureusing the determined identity, the signature being a digital signatureof at least part of the identity; generating coded data at leastpartially indicative of: the identity of the security document; and, atleast part of the signature; and, printing the coded data on thesecurity document.

In an eighth broad form the invention provides a system for recording atransaction relating to a security document, the security documenthaving disposed thereon or therein coded data including a number ofcoded data portions, each coded data portion being indicative of atleast an identity of the security document, the system including acomputer system for: receiving indicating data from a sensing device,the sensing device being responsive to sensing of the coded data togenerate indicating data at least partially indicative of: the identityof the security document; and, the transaction; and, updating, using thereceived indicating data, transaction data stored in a data store, thetransaction data being indicative of: the identity of the securitydocument; and, the transaction.

Optionally, the transaction data is indicative of at least one of: atransaction type including at least one of: point of sale transaction;deposit transaction; and, withdrawal transaction; transaction details;identities of parties involved in the transaction; a transaction amount;a location of the transaction; and, a location of the sensing device.

Optionally, the computer system is configured to: approve thetransaction; and, in response to a successful approval: cause thetransaction to be performed; and, update the transaction data.

Optionally, the computer system is configured to approve the transactionby at least one of: authenticating the security document using theindicating data; and, comparing the transaction to at least onepredetermined criterion.

Optionally, the computer system includes a display for displaying atleast one of: an indication of approval of the transaction; results ofauthentication of the security document; results of a comparison of thetransaction to at least one predetermined criterion; and, transactiondata.

Optionally, each coded data portion is further indicative of at leastpart of a signature, the signature being a digital signature of at leastpart of the identity, and wherein the system is configured to:determine, from the indicating data, a determined identity and at leastone determined signature part; and, authenticate the security documentusing the determined identity and the at least one determined signaturepart.

Optionally, the signature is a digital signature of at least part of theidentity and at least part of predetermined padding, the padding beingat least one of: a predetermined number; and, a random number.

Optionally, the entire signature is encoded within a plurality of codeddata portions and wherein the system includes the sensing deviceconfigured to sense a number of coded data portions to thereby determinethe entire signature.

Optionally, the coded data includes a plurality of layouts, each layoutdefining the position of a plurality of first symbols encoding theidentity, and a plurality of second symbols defining at least part ofthe signature.

Optionally, the coded data is substantially invisible to an unaidedhuman.

Optionally, the coded data is printed on the surface using at least oneof: an invisible ink; and, an infrared-absorptive ink.

Optionally, the coded data is provided substantially coincident withvisible human-readable information.

Optionally at least one coded data portion encodes the entire signature.

Optionally the entire signature is formed from a plurality of signatureparts, and wherein each coded data portion encodes a respectivesignature part.

Optionally, at least some of the coded data portions encode at least oneof: a location of the respective coded data portion; a position of therespective coded data portion on the surface; a size of the coded dataportions; a size of a signature; an identity of a signature part; and,units of indicated locations.

Optionally, the coded data includes at least one of: redundant data;data allowing error correction; Reed-Solomon data; and, CyclicRedundancy Check (CRC) data.

Optionally, the digital signature includes at least one of: a randomnumber associated with the identity; a keyed hash of at least theidentity; a keyed hash of at least the identity produced using a privatekey, and verifiable using a corresponding public key; cipher-textproduced by encrypting at least the identity; cipher-text produced byencrypting at least the identity and a random number; and, cipher-textproduced using a private key, and verifiable using a correspondingpublic key; and, cipher-text produced using RSA encryption.

Optionally, the security document is at least one of: a currency note; acheck; a credit or debit card; a redeemable ticket, voucher, or coupon;a lottery ticket or instant win ticket; and, an identity card ordocument, such as a driver's license or passport.

Optionally, the identity is indicative of at least one of: a currencynote attribute including at least one of: currency; issue country;denomination; note side; printing works; and serial number; a checkattribute including at least one of: currency; issuing institution;account number; serial number; expiry date; check value; and limit; acard attribute including at least one of: card type; issuinginstitution; account number; issue date; expiry date; and limit.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout including n identical sub-layouts rotated 1/n revolutions apartabout a centre of rotation, at least one sub-layout includingrotation-indicating data that distinguishes that sub-layout from eachother sub-layout.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout encoding orientation-indicating data comprising a sequence of aninteger multiple m of n symbols, where m is one or more, each encodedsymbol being distributed at n locations about a centre of rotationalsymmetry of the layout such that decoding the symbols at each of the norientations of the layout produces n representations of theorientation-indicating data, each representation comprising a differentcyclic shift of the orientation-indicating data and being indicative ofthe degree of rotation of the layout.

Optionally, the system is further used for a method of tracking asecurity document, the security document having disposed thereon ortherein coded data including a number of coded data portions, each codeddata portion being indicative of an identity of the security document,the method including, in a computer system: receiving indicating datafrom a sensing device, the sensing device being responsive to sensing ofthe coded data to generate indicating data indicative of the identity ofthe product item; and, updating, using the received indicating data,tracking data stored in a data store, tracking data being indicative of:the identity of the product item; and, tracking information.

Optionally, the system is further includes a sensing device for use witha security document, the security document having disposed thereon ortherein coded data including a number of coded data portions, each codeddata portion being indicative of an identity of the security document,the sensing device including: a housing adapted to be held by a user inuse; a radiation source for exposing at least one coded data portion; asensor for sensing the at least one exposed coded data portion; and, aprocessor for determining, using the at least one sensed coded dataportion, a sensed identity.

Optionally, the system is further used for a method of determining acounterfeit security document, the security document having disposedthereon or therein coded data including a number of coded data portions,each coded data portion being indicative of: an identity of the securitydocument; and, at least part of a signature, the signature being adigital signature of at least part of the identity; wherein the methodincludes: in a sensing device: sensing at least one coded data portion;and, generating, using the sensed coded data portion, indicating dataindicative of: the identity; and, at least one signature part; in aprocessor: determining, from the indicating data: a determined identity;and, at least one determined signature part; determining if the securitydocument is a counterfeit document using the determined identity and theat least one determined signature part.

Optionally, the system is further used for a method of determining apossible duplicated security document, the security document havingdisposed thereon or therein coded data including a number of coded dataportions, each coded data portion being indicative of at least anidentity of the security document, and wherein the method includes, in acomputer system: receiving indicating data from a sensing device, thesensing device being responsive to sensing of the coded data to generateindicating data indicative of the identity of the security document;determining, from the indicating data, a determined identity; accessing,using the determined identity, tracking data indicative of: the identityof the security document; and, tracking information indicative of thelocation of the security document; and, determining, using the trackinginformation, if the security document is a possible duplicate.

Optionally, the system is further includes a currency counter forcounting currency documents, each currency document having disposedthereon or therein coded data including a number of coded data portions,each coded data portion being indicative of an identity of the currencydocument, the counter including: an input for receiving a number ofcurrency documents to be counted; an output for providing countedcurrency documents; a feed mechanism for transporting currency documentsfrom the input to the output along a feed path; a sensor for sensing atleast one coded data portion for each currency document transportedalong the feed path; and, a processor for: determining, from the atleast one sensed coded data portion, a sensed identity for each currencydocument; determining, from the sensed identity, a determined value foreach currency document; and, counting the currency documents using thedetermined values.

Optionally, the system is further used for a method of providing asecurity document having a security feature, the method including:creating the security document; determining an identity associated withthe security document; generating a signature using the identity, thesignature being a digital signature of at least part of the identity;generating coded data, the coded data including a number of coded dataportions, each coded data portion being indicative of: the identity ofthe security document; and, at least part of the signature; and,printing the coded data on the security document.

Optionally, the system is further used for a method of printing asecurity document having a security feature, the method including:receiving the security document; receiving identity data, the identitydata being at least partially indicative of an identity of the securitydocument, the identity data being encrypted using a public key;determining the identity by decrypting the received identity data usinga secret key associated with the public key; generating a signatureusing the determined identity, the signature being a digital signatureof at least part of the identity; generating coded data at leastpartially indicative of: the identity of the security document; and, atleast part of the signature; and, printing the coded data on thesecurity document.

Optionally, the system is further used for a method for monitoringtransactions involving security documents, each security document havingdisposed thereon or therein coded data including a number of coded dataportions, each coded data portion being indicative of at least anidentity of the security document, the method including, in a computersystem and following a transaction involving a security document:receiving indicating data from a sensing device, the sensing devicebeing responsive to sensing of coded data to generate indicating data atleast partially indicative of: the identity of the security document;and, the transaction; updating, using the received indicating data,transaction data stored in a data store, the transaction data beingindicative of, for each of a number of security documents, performedtransactions; comparing the transaction data to one or morepredetermined patterns to thereby determine the presence or absence of acash flow anomaly.

Optionally, the system uses a security document database, the databasestoring security document data including, for each of a number ofsecurity documents: identity data, the identity data being at leastpartially indicative of an identity of the security document; attributedata, the attribute data being at least partially indicative of one ormore attributes of the security document; wherein, in use, the securitydocument database allows a computer system to: receive, from a sensingdevice, indicating data at least partially indicative of at least oneof: the identity; and one or more attributes; use the receivedindicating data and the security document data to perform an actionassociated with the security document.

Optionally, the system is further includes a set of instructions forcausing a computer system to monitor transactions involving securitydocuments, each security document having disposed thereon or thereincoded data including a number of coded data portions, each coded dataportion being indicative of at least an identity of the securitydocument, the set of instructions, when executed by the computer system,causing the computer system to: receive indicating data from a sensingdevice, the sensing device being responsive to sensing of coded data togenerate indicating data at least partially indicative of: the identityof the security document; and, the transaction; updating, using thereceived indicating data, transaction data stored in a data store, thetransaction data being indicative of: the identity of the securitydocument; and, the transaction.

Optionally, the system is further includes a set of instructions for acurrency counter, the currency counter being used for counting currencydocuments where each currency document having disposed therein orthereon at least one coded data portion being indicative of at least anidentity of the currency document, the currency counter having: an inputfor receiving a number of currency documents to be counted; an outputfor providing counted currency documents; a feed mechanism fortransporting currency documents from the input to the output along afeed path; a sensor for sensing at least one coded data portion for eachcurrency document transported along the feed path; and, a processor, theset of instructions, when executed by the processor, causing theprocessor to: determine, from the at least one sensed coded dataportion, a sensed identity for each currency document; determine, fromthe sensed identity, a determined value for each currency document; and,count the currency documents using the determined values.

Optionally, the system is further includes a processor for use in adevice for authenticating security documents, the security documenthaving disposed thereon or therein coded data at least partiallyindicative of an identity of the security document and a signature, thesignature being a digital signature of at least part of the identity,the processor being adapted to: receive indicating data from a sensor inthe device, the sensor being responsive to sensing of the coded data togenerate indicating data at least partially indicative of: the identity;and, at least part of the signature; determine, from the indicatingdata, a determined identity and at least one determined signature part;and, authenticate the security document using the determined identityand the at least one determined signature part.

Optionally, the system is further used for a method of counting currencydocuments, each currency document having disposed thereon or thereincoded data including a plurality of coded data portions, each coded dataportion being at least partially indicative of an identity of thecurrency document, the method including, in a sensing device: sensing atleast one coded data portion for each currency document; generating,using the sensed coded data portion, indicating data at least partiallyindicative of the identity of each currency document; and, transferringthe indicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, using the indicatingdata, a determined identity for each currency document; determine, usingeach determined identity, a value for each currency document; and, countthe currency documents using the determined values.

Optionally, the system is further used for a method for authenticatingand evaluating a currency document, the currency document havingdisposed thereon or therein coded data including a plurality of codeddata portions, the method including, in a sensing device: sensing atleast one coded data portion; generating, using the sensed coded dataportion, indicating data at least partially indicative of: an identityof the currency document; and at least part of a signature, thesignature being a digital signature of at least part of the identity;and, transferring the indicating data to a computer system, the computersystem being responsive to the indicating data to: determine, from theindicating data, a received identity, and a received signature part;authenticate the currency document using the received identity and thereceived signature part; and, in response to a successfulauthentication, determine, using the received identity, a valueassociated with the currency document.

Optionally, the system is further used for a security document includinganti-copy protection, the security document having disposed thereon ortherein coded data including a number of coded data portions, each codeddata portion being indicative of an identity, the identity beinguniquely indicative of the respective security document and being storedin a data store to allow for duplication of the security document to bedetermined.

Optionally, the security document includes anti-forgery protection, thesecurity document having disposed thereon or therein coded dataincluding a plurality of coded data portions, each coded data portionbeing indicative of: an identity of the currency document; and at leastpart of a signature, the signature being formed by encrypting at leastpart of the identity using a private key of public/private key pair,such that: valid security documents can only be created using theprivate key; and, validity of the security document can be confirmedusing the corresponding public key.

Optionally, the system is further used for a method of recovering astolen security document, the security document having disposed thereonor therein coded data including a number of coded data portions, eachcoded data portion being indicative of at least an identity of thesecurity document, the method including in a computer system: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of the coded data to generate indicating data atleast partially indicative of the identity; determining, using theindicating data, a determined identity; accessing, using the determinedidentity, transaction data stored in a data store, the transaction databeing indicative of a security document status; determining, using thesecurity document status, if the security document is stolen; and, inresponse to a positive determination, causing the security document tobe recovered.

In another broad form the invention provides a system for recording atransaction relating to a security document, the security documenthaving disposed thereon or therein coded data including a number ofcoded data portions, each coded data portion being indicative of atleast an identity of the security document, the system including asensing device for: sensing at least one coded data portion;determining, using the at least one sensed coded data portion,indicating data indicative of the identity of the security document;and, transferring the indicating data to a computer system, the computersystem being responsive to the indicating data to update transactiondata stored in a data store, transaction data being indicative of: theidentity of the security document; and, the transaction.

In a ninth broad form the invention provides a method for monitoringtransactions involving security documents, each security document havingdisposed thereon or therein coded data including a number of coded dataportions, each coded data portion being indicative of at least anidentity of the security document, the method including, in a computersystem and following a transaction involving a security document:receiving indicating data from a sensing device, the sensing devicebeing responsive to sensing of coded data to generate indicating data atleast partially indicative of: the identity of the security document;and, the transaction; updating, using the received indicating data,transaction data stored in a data store, the transaction data beingindicative of, for each of a number of security documents, performedtransactions; comparing the transaction data to one or morepredetermined patterns to thereby determine the presence or absence of acash flow anomaly.

Optionally, the comparison is performed using at least one of: Datamining detection; and, Neural network detection.

Optionally, each predetermined pattern is at least partially related toat least one of: a predetermined transaction value; a predeterminednumber of transactions performed in a predetermined timeframe; anidentity of a particular party; a sequence of transactions related toone or more security documents; a cash flow demand forecast; and, ageographic trend.

Optionally, the computer system includes a display device, wherein themethod includes displaying, using the display device, at least one of:the comparison data; and, the transaction data.

Optionally, the method includes generating, using the transaction data,at least one of: a cash flow demand forecast; and, a geographic trend.

Optionally, each coded data portion is further indicative of at leastpart of a signature, the signature being a digital signature of at leastpart of the identity, and wherein the method includes, in the computersystem: determining, from the indicating data, a determined identity andat least one determined signature part; and, authenticating the securitydocument using the determined identity and the at least one determinedsignature part.

Optionally, the signature is a digital signature of at least part of theidentity and at least part of predetermined padding, the padding beingat least one of: a predetermined number; and, a random number.

Optionally, the entire signature is encoded within a plurality of codeddata portions and wherein the system includes the sensing deviceconfigured to sense a number of coded data portions to thereby determinethe entire signature.

Optionally, the coded data includes a plurality of layouts, each layoutdefining the position of a plurality of first symbols encoding theidentity, and a plurality of second symbols defining at least part ofthe signature.

Optionally, the coded data is substantially invisible to an unaidedhuman.

Optionally, the coded data is printed on the surface using at least oneof: an invisible ink; and, an infrared-absorptive ink.

Optionally, the coded data is provided substantially coincident withvisible human-readable information.

Optionally at least one coded data portion encodes the entire signature.

Optionally the entire signature is formed from a plurality of signatureparts, and wherein each coded data portion encodes a respectivesignature part.

Optionally, at least some of the coded data portions encode at least oneof: a location of the respective coded data portion; a position of therespective coded data portion on the surface; a size of the coded dataportions; a size of a signature; an identity of a signature part; and,units of indicated locations.

Optionally, the coded data includes at least one of: redundant data;data allowing error correction; Reed-Solomon data; and, CyclicRedundancy Check (CRC) data.

Optionally, the digital signature includes at least one of: a randomnumber associated with the identity; a keyed hash of at least theidentity; a keyed hash of at least the identity produced using a privatekey, and verifiable using a corresponding public key; cipher-textproduced by encrypting at least the identity; cipher-text produced byencrypting at least the identity and a random number; and, cipher-textproduced using a private key, and verifiable using a correspondingpublic key; and, cipher-text produced using RSA encryption.

Optionally, the security document is at least one of: a currency note; acheck; a credit or debit card; a redeemable ticket, voucher, or coupon;a lottery ticket or instant win ticket; and, an identity card ordocument, such as a driver's license or passport.

Optionally, the identity is indicative of at least one of: a currencynote attribute including at least one of: currency; issue country;denomination; note side; printing works; and serial number; a checkattribute including at least one of: currency; issuing institution;account number; serial number; expiry date; check value; and limit; acard attribute including at least one of: card type; issuinginstitution; account number; issue date; expiry date; and limit.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout including n identical sub-layouts rotated 1/n revolutions apartabout a centre of rotation, at least one sub-layout includingrotation-indicating data that distinguishes that sub-layout from eachother sub-layout.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout encoding orientation-indicating data comprising a sequence of aninteger multiple m of n symbols, where m is one or more, each encodedsymbol being distributed at n locations about a centre of rotationalsymmetry of the layout such that decoding the symbols at each of the norientations of the layout produces n representations of theorientation-indicating data, each representation comprising a differentcyclic shift of the orientation-indicating data and being indicative ofthe degree of rotation of the layout.

Optionally, the method is further used for tracking a security document,the method including, in a computer system: receiving indicating datafrom a sensing device, the sensing device being responsive to sensing ofthe coded data to generate indicating data indicative of the identity ofthe product item; and, updating, using the received indicating data,tracking data stored in a data store, tracking data being indicative of:the identity of the product item; and, tracking information.

Optionally, the sensing device includes: a housing adapted to be held bya user in use; a radiation source for exposing at least one coded dataportion; a sensor for sensing the at least one exposed coded dataportion; and, a processor for determining, using the at least one sensedcoded data portion, a sensed identity.

Optionally, the method is further used for determining a counterfeitsecurity document, each coded data portion being further indicative ofat least part of a signature, the signature being a digital signature ofat least part of the identity, wherein the method further includes: in asensing device: generating, using the sensed coded data portion,indicating data indicative of: the identity; and, at least one signaturepart; and, in a processor: determining, from the indicating data: adetermined identity; and, at least one determined signature part; and,determining if the security document is a counterfeit document using thedetermined identity and the at least one determined signature part.

Optionally, the method is further used for determining a possibleduplicated security document, wherein the method includes, in a computersystem: receiving indicating data from a sensing device, the sensingdevice being responsive to sensing of the coded data to generateindicating data indicative of the identity of the security document;determining, from the indicating data, a determined identity; accessing,using the determined identity, tracking data indicative of: the identityof the security document; and, tracking information indicative of thelocation of the security document; and, determining, using the trackinginformation, if the security document is a possible duplicate.

Optionally, the method is used in a currency counter for countingcurrency documents, each currency document having disposed thereon ortherein coded data including a number of coded data portions, each codeddata portion being indicative of an identity of the currency document,the counter including: an input for receiving a number of currencydocuments to be counted; an output for providing counted currencydocuments; a feed mechanism for transporting currency documents from theinput to the output along a feed path; a sensor for sensing at least onecoded data portion for each currency document transported along the feedpath; and, a processor for: determining, from the at least one sensedcoded data portion, a sensed identity for each currency document;determining, from the sensed identity, a determined value for eachcurrency document; and, counting the currency documents using thedetermined values.

Optionally, the security document having a security feature, wherein themethod of providing the security document includes: creating thesecurity document; determining an identity associated with the securitydocument; generating a signature using the identity, the signature beinga digital signature of at least part of the identity; generating codeddata, the coded data including a number of coded data portions, eachcoded data portion being indicative of: the identity of the securitydocument; and, at least part of the signature; and, printing the codeddata on the security document.

Optionally, the security document being printed with a security feature,wherein the method of printing the security document includes: receivingthe security document; receiving identity data, the identity data beingat least partially indicative of an identity of the security document,the identity data being encrypted using a public key; determining theidentity by decrypting the received identity data using a secret keyassociated with the public key; generating a signature using thedetermined identity, the signature being a digital signature of at leastpart of the identity; generating coded data at least partiallyindicative of: the identity of the security document; and, at least partof the signature; and, printing the coded data on the security document.

Optionally, the method is used in a system for recording a transactionrelating to a security document, the system including a computer systemfor: receiving indicating data from a sensing device, the sensing devicebeing responsive to sensing of the coded data to generate indicatingdata at least partially indicative of: the identity of the securitydocument; and, the transaction; and, updating, using the receivedindicating data, transaction data stored in a data store, thetransaction data being indicative of: the identity of the securitydocument; and, the transaction.

Optionally, the method includes using a security document database, thedatabase storing security document data including, for each of a numberof security documents: identity data, the identity data being at leastpartially indicative of an identity of the security document; attributedata, the attribute data being at least partially indicative of one ormore attributes of the security document; wherein, in use, the securitydocument database allows a computer system to: receive, from a sensingdevice, indicating data at least partially indicative of at least oneof: the identity; and one or more attributes; use the receivedindicating data and the security document data to perform an actionassociated with the security document.

Optionally, the method is further used for causing a computer system tomonitor transactions involving security documents, the method beingperformed using a set of instructions, each security document havingdisposed thereon or therein coded data including a number of coded dataportions, each coded data portion being indicative of at least anidentity of the security document, the set of instructions, whenexecuted by the computer system, causing the computer system to: receiveindicating data from a sensing device, the sensing device beingresponsive to sensing of coded data to generate indicating data at leastpartially indicative of: the identity of the security document; and, thetransaction; updating, using the received indicating data, transactiondata stored in a data store, the transaction data being indicative of:the identity of the security document; and, the transaction.

Optionally, the method is further used for counting currency documents,the method being performed using a set of instructions, each currencydocument having disposed therein or thereon at least one coded dataportion being indicative of at least an identity of the currencydocument, the currency counter having: an input for receiving a numberof currency documents to be counted; an output for providing countedcurrency documents; a feed mechanism for transporting currency documentsfrom the input to the output along a feed path; a sensor for sensing atleast one coded data portion for each currency document transportedalong the feed path; and, a processor, the set of instructions, whenexecuted by the processor, causing the processor to: determine, from theat least one sensed coded data portion, a sensed identity for eachcurrency document; determine, from the sensed identity, a determinedvalue for each currency document; and, count the currency documentsusing the determined values.

Optionally, the method is used in a processor for use in a device forauthenticating security documents, the coded data further being at leastpartially indicative of a signature, the signature being a digitalsignature of at least part of the identity, the processor being adaptedto: receive indicating data from a sensor in the device, the sensorbeing responsive to sensing of the coded data to generate indicatingdata at least partially indicative of: the identity; and, at least partof the signature; determine, from the indicating data, a determinedidentity and at least one determined signature part; and, authenticatethe security document using the determined identity and the at least onedetermined signature part.

Optionally, the method is further used for counting currency documents,each currency document having disposed thereon or therein coded dataincluding a plurality of coded data portions, each coded data portionbeing at least partially indicative of an identity of the currencydocument, the method including, in a sensing device: sensing at leastone coded data portion for each currency document; generating, using thesensed coded data portion, indicating data at least partially indicativeof the identity of each currency document; and, transferring theindicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, using the indicatingdata, a determined identity for each currency document; determine, usingeach determined identity, a value for each currency document; and, countthe currency documents using the determined values.

Optionally, the method further being used for authenticating andevaluating a currency document, the currency document having disposedthereon or therein coded data including a plurality of coded dataportions, the method including, in a sensing device: sensing at leastone coded data portion; generating, using the sensed coded data portion,indicating data at least partially indicative of: an identity of thecurrency document; and at least part of a signature, the signature beinga digital signature of at least part of the identity; and, transferringthe indicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, from the indicatingdata, a received identity, and a received signature part; authenticatethe currency document using the received identity and the receivedsignature part; and, in response to a successful authentication,determine, using the received identity, a value associated with thecurrency document.

Optionally, the security document includes anti-copy protection, theidentity being uniquely indicative of the respective security documentand being stored in a data store to allow for duplication of thesecurity document to be determined.

Optionally, the security document includes anti-forgery protection, eachcoded data portion being further indicative of at least part of asignature, the signature being formed by encrypting at least part of theidentity using a private key of public/private key pair, such that:valid security documents can only be created using the private key; and,validity of the security document can be confirmed using thecorresponding public key.

Optionally, the method is further used for recovering a stolen securitydocument, the method including in a computer system: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of the coded data to generate indicating data atleast partially indicative of the identity; determining, using theindicating data, a determined identity; accessing, using the determinedidentity, transaction data stored in a data store, the transaction databeing indicative of a security document status; determining, using thesecurity document status, if the security document is stolen; and, inresponse to a positive determination, causing the security document tobe recovered.

In another broad form the invention provides a method for monitoringtransactions involving security documents, each security document havingdisposed thereon or therein coded data including a number of coded dataportions, each coded data portion being indicative of at least anidentity of the security document, the method including, in a sensingdevice and following a transaction involving a security document:sensing at least one coded data portion; determining, using the at leastone sensed coded data portion, indicating data indicative of theidentity of the security document; and, transferring the indicating datato a computer system, the computer system being responsive to theindicating data to update tracking data stored in a data store, thetransaction data being indicative of, for each of a number of securitydocuments, performed transactions, and comparing the transaction data toone or more predetermined patterns to thereby determine the presence orabsence of a cash flow anomaly.

In an tenth broad form the invention provides a security documentdatabase, the database storing security document data including, foreach of a number of security documents: identity data, the identity databeing at least partially indicative of an identity of the securitydocument; attribute data, the attribute data being at least partiallyindicative of one or more attributes of the security document; wherein,in use, the security document database allows a computer system to:receive, from a sensing device, indicating data at least partiallyindicative of at least one of: the identity; and one or more attributes;use the received indicating data and the security document data toperform an action associated with the security document.

Optionally, the attribute data is at least partially indicative of asignature, the signature being a digital signature of the identity, andwherein the action includes the computer system authenticating thesecurity document.

Optionally, the attribute data is at least partially indicative of atransaction status, and wherein the action includes allowing thecomputer system to perform at least one of: verifying the transactionstatus of the security document; and, updating the transaction status ofthe security document.

Optionally, the transaction status is at least partially indicative ofwhether the security document is at least one of: a copied securitydocument; a stolen security document; and, a counterfeit securitydocument.

Optionally, the database can be queried in order to determine thepresence or absence of a cash flow anomaly.

Optionally, the database stores a key pair for each security document,the key pair being indexed in the database by the identity associatedwith the security document.

Optionally, the attribute data is at least partially indicative of atleast one: a transaction history data representing transactions relatedto the security document including: a transaction type including atleast one of: transaction details; identities of parties involved in thetransaction; a transaction amount; a location of the transaction; and, alocation of the sensing device; a currency note attribute including atleast one of: currency; issue country; denomination; note side; printingworks; and serial number; a check attribute including at least one of:currency; issuing institution; account number; serial number; expirydate; check value; and limit; a card attribute including at least oneof: card type; issuing institution; account number; issue date; expirydate; and limit.

Optionally, each coded data portion is further indicative of at leastpart of a signature, the signature being a digital signature of at leastpart of the identity, and wherein the system is configured to:determine, from the indicating data, a determined identity and at leastone determined signature part; and, authenticate the security documentusing the determined identity and the at least one determined signaturepart.

Optionally, the signature is a digital signature of at least part of theidentity and at least part of predetermined padding, the padding beingat least one of: a predetermined number; and, a random number.

Optionally, the entire signature is encoded within a plurality of codeddata portions and wherein the system includes the sensing deviceconfigured to sense a number of coded data portions to thereby determinethe entire signature.

Optionally, the coded data includes a plurality of layouts, each layoutdefining the position of a plurality of first symbols encoding theidentity, and a plurality of second symbols defining at least part ofthe signature.

Optionally, the coded data is substantially invisible to an unaidedhuman.

Optionally, the coded data is printed on the surface using at least oneof: an invisible ink; and, an infrared-absorptive ink.

Optionally, the coded data is provided substantially coincident withvisible human-readable information.

Optionally at least one coded data portion encodes the entire signature.

Optionally the entire signature is formed from a plurality of signatureparts, and wherein each coded data portion encodes a respectivesignature part.

Optionally, at least some of the coded data portions encode at least oneof: a location of the respective coded data portion; a position of therespective coded data portion on the surface; a size of the coded dataportions; a size of a signature; an identity of a signature part; and,units of indicated locations.

Optionally, the coded data includes at least one of: redundant data;data allowing error correction; Reed-Solomon data; and, CyclicRedundancy Check (CRC) data.

Optionally, the digital signature includes at least one of: a randomnumber associated with the identity; a keyed hash of at least theidentity; a keyed hash of at least the identity produced using a privatekey, and verifiable using a corresponding public key; cipher-textproduced by encrypting at least the identity; cipher-text produced byencrypting at least the identity and a random number; and, cipher-textproduced using a private key, and verifiable using a correspondingpublic key; and, cipher-text produced using RSA encryption.

Optionally, the security document is at least one of: a currency note; acheck; a credit or debit card; a redeemable ticket, voucher, or coupon;a lottery ticket or instant win ticket; and, an identity card ordocument, such as a driver's license or passport.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout including n identical sub-layouts rotated 1/n revolutions apartabout a centre of rotation, at least one sub-layout includingrotation-indicating data that distinguishes that sub-layout from eachother sub-layout.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout encoding orientation-indicating data comprising a sequence of aninteger multiple m of n symbols, where m is one or more, each encodedsymbol being distributed at n locations about a centre of rotationalsymmetry of the layout such that decoding the symbols at each of the norientations of the layout produces n representations of theorientation-indicating data, each representation comprising a differentcyclic shift of the orientation-indicating data and being indicative ofthe degree of rotation of the layout.

Optionally, the security document database is used in a method oftracking a security document, the security document having disposedthereon or therein coded data including a number of coded data portions,each coded data portion being indicative of an identity of the securitydocument, the method including, in a computer system: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of the coded data to generate indicating dataindicative of the identity of the product item; and, updating, using thereceived indicating data, tracking data stored in a data store, trackingdata being indicative of: the identity of the product item; and,tracking information.

Optionally, the sensing device includes: a housing adapted to be held bya user in use; a radiation source for exposing at least one coded dataportion; a sensor for sensing the at least one exposed coded dataportion; and, a processor for determining, using the at least one sensedcoded data portion, a sensed identity.

Optionally, the security document database is used in a method ofdetermining a counterfeit security document, the security documenthaving disposed thereon or therein coded data including a number ofcoded data portions, each coded data portion being indicative of: anidentity of the security document; and, at least part of a signature,the signature being a digital signature of at least part of theidentity; wherein the method includes: in a sensing device: sensing atleast one coded data portion; and, generating, using the sensed codeddata portion, indicating data indicative of: the identity; and, at leastone signature part; in a processor: determining, from the indicatingdata: a determined identity; and, at least one determined signaturepart; determining if the security document is a counterfeit documentusing the determined identity and the at least one determined signaturepart.

Optionally, the security document database is used in a method ofdetermining a possible duplicated security document, the securitydocument having disposed thereon or therein coded data including anumber of coded data portions, each coded data portion being indicativeof at least an identity of the security document, and wherein the methodincludes, in a computer system: receiving indicating data from a sensingdevice, the sensing device being responsive to sensing of the coded datato generate indicating data indicative of the identity of the securitydocument; determining, from the indicating data, a determined identity;accessing, using the determined identity, tracking data indicative of:the identity of the security document; and, tracking informationindicative of the location of the security document; and, determining,using the tracking information, if the security document is a possibleduplicate.

Optionally, the security document database is used by currency counterfor counting currency documents, each currency document having disposedthereon or therein coded data including a number of coded data portions,each coded data portion being indicative of an identity of the currencydocument, the counter including: an input for receiving a number ofcurrency documents to be counted; an output for providing countedcurrency documents; a feed mechanism for transporting currency documentsfrom the input to the output along a feed path; a sensor for sensing atleast one coded data portion for each currency document transportedalong the feed path; and, a processor for: determining, from the atleast one sensed coded data portion, a sensed identity for each currencydocument; determining, from the sensed identity, a determined value foreach currency document; and, counting the currency documents using thedetermined values.

Optionally, the security document database is used in a method ofproviding a security document having a security feature, the methodincluding: creating the security document; determining an identityassociated with the security document; generating a signature using theidentity, the signature being a digital signature of at least part ofthe identity; generating coded data, the coded data including a numberof coded data portions, each coded data portion being indicative of: theidentity of the security document; and, at least part of the signature;and, printing the coded data on the security document.

Optionally, the security document database is used in a method ofprinting a security document having a security feature, the methodincluding: receiving the security document; receiving identity data, theidentity data being at least partially indicative of an identity of thesecurity document, the identity data being encrypted using a public key;determining the identity by decrypting the received identity data usinga secret key associated with the public key; generating a signatureusing the determined identity, the signature being a digital signatureof at least part of the identity; generating coded data at leastpartially indicative of: the identity of the security document; and, atleast part of the signature; and, printing the coded data on thesecurity document.

Optionally, the security document database is used in a system forrecording a transaction relating to a security document, the securitydocument having disposed thereon or therein coded data including anumber of coded data portions, each coded data portion being indicativeof at least an identity of the security document, the system including acomputer system for: receiving indicating data from a sensing device,the sensing device being responsive to sensing of the coded data togenerate indicating data at least partially indicative of: the identityof the security document; and, the transaction; and, updating, using thereceived indicating data, transaction data stored in a data store, thetransaction data being indicative of: the identity of the securitydocument; and, the transaction.

Optionally, the security document database is used in a method formonitoring transactions involving security documents, each securitydocument having disposed thereon or therein coded data including anumber of coded data portions, each coded data portion being indicativeof at least an identity of the security document, the method including,in a computer system and following a transaction involving a securitydocument: receiving indicating data from a sensing device, the sensingdevice being responsive to sensing of coded data to generate indicatingdata at least partially indicative of: the identity of the securitydocument; and, the transaction; updating, using the received indicatingdata, transaction data stored in a data store, the transaction databeing indicative of, for each of a number of security documents,performed transactions; comparing the transaction data to one or morepredetermined patterns to thereby determine the presence or absence of acash flow anomaly.

Optionally, the security document database is used by set ofinstructions for causing a computer system to monitor transactionsinvolving security documents, each security document having disposedthereon or therein coded data including a number of coded data portions,each coded data portion being indicative of at least an identity of thesecurity document, the set of instructions, when executed by thecomputer system, causing the computer system to: receive indicating datafrom a sensing device, the sensing device being responsive to sensing ofcoded data to generate indicating data at least partially indicative of:the identity of the security document; and, the transaction; updating,using the received indicating data, transaction data stored in a datastore, the transaction data being indicative of: the identity of thesecurity document; and, the transaction.

Optionally, the security document database is used by a set ofinstructions for a currency counter, the currency counter being used forcounting currency documents where each currency document having disposedtherein or thereon at least one coded data portion being indicative ofat least an identity of the currency document, the currency counterhaving: an input for receiving a number of currency documents to becounted; an output for providing counted currency documents; a feedmechanism for transporting currency documents from the input to theoutput along a feed path; a sensor for sensing at least one coded dataportion for each currency document transported along the feed path; and,a processor, the set of instructions, when executed by the processor,causing the processor to: determine, from the at least one sensed codeddata portion, a sensed identity for each currency document; determine,from the sensed identity, a determined value for each currency document;and, count the currency documents using the determined values.

Optionally, the security document database is used by a processor foruse in a device for authenticating security documents, the securitydocument having disposed thereon or therein coded data at leastpartially indicative of an identity of the security document and asignature, the signature being a digital signature of at least part ofthe identity, the processor being adapted to: receive indicating datafrom a sensor in the device, the sensor being responsive to sensing ofthe coded data to generate indicating data at least partially indicativeof: the identity; and, at least part of the signature; determine, fromthe indicating data, a determined identity and at least one determinedsignature part; and, authenticate the security document using thedetermined identity and the at least one determined signature part.

Optionally, the security document database is used in a method ofcounting currency documents, each currency document having disposedthereon or therein coded data including a plurality of coded dataportions, each coded data portion being at least partially indicative ofan identity of the currency document, the method including, in a sensingdevice: sensing at least one coded data portion for each currencydocument; generating, using the sensed coded data portion, indicatingdata at least partially indicative of the identity of each currencydocument; and, transferring the indicating data to a computer system,the computer system being responsive to the indicating data to:determine, using the indicating data, a determined identity for eachcurrency document; determine, using each determined identity, a valuefor each currency document; and, count the currency documents using thedetermined values.

Optionally, the security document database is used in a method forauthenticating and evaluating a currency document, the currency documenthaving disposed thereon or therein coded data including a plurality ofcoded data portions, the method including, in a sensing device: sensingat least one coded data portion; generating, using the sensed coded dataportion, indicating data at least partially indicative of: an identityof the currency document; and at least part of a signature, thesignature being a digital signature of at least part of the identity;and, transferring the indicating data to a computer system, the computersystem being responsive to the indicating data to: determine, from theindicating data, a received identity, and a received signature part;authenticate the currency document using the received identity and thereceived signature part; and, in response to a successfulauthentication, determine, using the received identity, a valueassociated with the currency document.

Optionally, the security document includes anti-copy protection, thesecurity document having disposed thereon or therein coded dataincluding a number of coded data portions, each coded data portion beingindicative of an identity, the identity being uniquely indicative of therespective security document and being stored in a data store to allowfor duplication of the security document to be determined.

Optionally, the security document includes anti-forgery protection, thesecurity document having disposed thereon or therein coded dataincluding a plurality of coded data portions, each coded data portionbeing indicative of: an identity of the currency document; and at leastpart of a signature, the signature being formed by encrypting at leastpart of the identity using a private key of public/private key pair,such that: valid security documents can only be created using theprivate key; and, validity of the security document can be confirmedusing the corresponding public key.

Optionally, the security document database is used in a method ofrecovering a stolen security document, the security document havingdisposed thereon or therein coded data including a number of coded dataportions, each coded data portion being indicative of at least anidentity of the security document, the method including in a computersystem: receiving indicating data from a sensing device, the sensingdevice being responsive to sensing of the coded data to generateindicating data at least partially indicative of the identity;determining, using the indicating data, a determined identity;accessing, using the determined identity, transaction data stored in adata store, the transaction data being indicative of a security documentstatus; determining, using the security document status, if the securitydocument is stolen; and, in response to a positive determination,causing the security document to be recovered.

In a eleventh broad form the invention provides a set of instructionsfor causing a computer system to monitor transactions involving securitydocuments, each security document having disposed thereon or thereincoded data including a number of coded data portions, each coded dataportion being indicative of at least an identity of the securitydocument, the set of instructions, when executed by the computer system,causing the computer system to: receive indicating data from a sensingdevice, the sensing device being responsive to sensing of coded data togenerate indicating data at least partially indicative of: the identityof the security document; and, the transaction; update, using thereceived indicating data, transaction data stored in a data store, thetransaction data being indicative of: the identity of the securitydocument; and, the transaction.

Optionally, the set of instructions causes the computer system tocompare the transaction data to one or more predetermined patterns tothereby determine the presence or absence of a cash flow anomaly.

Optionally, the set of instructions causes comparison data to be outputby the computer system, the comparison data being indicative of theresults of the comparison.

Optionally, each predetermined pattern is at least partially related toat least one of: a predetermined transaction threshold; a predeterminednumber of transactions performed in a predetermined timeframe; anidentity of a particular party; a sequence of transactions related toone or more security documents; a cash flow demand forecast; and, ageographic trend.

Optionally, the computer system includes a display device, wherein theset of instructions, when executed by the computer system, cause thecomputer system to display, using the display device, at least one of:the comparison data; and, the transaction data.

Optionally, the transaction data includes a transaction statusindicative of whether the security document is at least one of: a copiedsecurity document; a stolen security document; and, a counterfeitsecurity document.

Optionally, each coded data portion is further indicative of at leastpart of a signature, the signature being a digital signature of at leastpart of the identity, and wherein the set of instructions, when executedby the computer system, cause the computer system to: determine, fromthe indicating data, a determined identity and at least one determinedsignature part; and, authenticate the security document using thedetermined identity and the at least one determined signature part.

Optionally, the signature is a digital signature of at least part of theidentity and at least part of predetermined padding, the padding beingat least one of: a predetermined number; and, a random number.

Optionally, the entire signature is encoded within a plurality of codeddata portions and wherein the system includes the sensing deviceconfigured to sense a number of coded data portions to thereby determinethe entire signature.

Optionally, the coded data includes a plurality of layouts, each layoutdefining the position of a plurality of first symbols encoding theidentity, and a plurality of second symbols defining at least part ofthe signature.

Optionally, the coded data is substantially invisible to an unaidedhuman.

Optionally, the coded data is printed on the surface using at least oneof: an invisible ink; and, an infrared-absorptive ink.

Optionally, the coded data is provided substantially coincident withvisible human-readable information.

Optionally at least one coded data portion encodes the entire signature.

Optionally the entire signature is formed from a plurality of signatureparts, and wherein each coded data portion encodes a respectivesignature part.

Optionally, at least some of the coded data portions encode at least oneof: a location of the respective coded data portion; a position of therespective coded data portion on the surface; a size of the coded dataportions; a size of a signature; an identity of a signature part; and,units of indicated locations.

Optionally, the coded data includes at least one of: redundant data;data allowing error correction; Reed-Solomon data; and, CyclicRedundancy Check (CRC) data.

Optionally, the digital signature includes at least one of: a randomnumber associated with the identity; a keyed hash of at least theidentity; a keyed hash of at least the identity produced using a privatekey, and verifiable using a corresponding public key; cipher-textproduced by encrypting at least the identity; cipher-text produced byencrypting at least the identity and a random number; and, cipher-textproduced using a private key, and verifiable using a correspondingpublic key; and, cipher-text produced using RSA encryption.

Optionally, the security document is at least one of: a currency note; acheck; a credit or debit card; a redeemable ticket, voucher, or coupon;a lottery ticket or instant win ticket; and, an identity card ordocument, such as a driver's license or passport.

Optionally, the identity is indicative of at least one of: a currencynote attribute including at least one of: currency; issue country;denomination; note side; printing works; and serial number; a checkattribute including at least one of: currency; issuing institution;account number; serial number; expiry date; check value; and limit; acard attribute including at least one of: card type; issuinginstitution; account number; issue date; expiry date; and limit.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout including n identical sub-layouts rotated 1/n revolutions apartabout a centre of rotation, at least one sub-layout includingrotation-indicating data that distinguishes that sub-layout from eachother sub-layout.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout encoding orientation-indicating data comprising a sequence of aninteger multiple m of n symbols, where m is one or more, each encodedsymbol being distributed at n locations about a centre of rotationalsymmetry of the layout such that decoding the symbols at each of the norientations of the layout produces n representations of theorientation-indicating data, each representation comprising a differentcyclic shift of the orientation-indicating data and being indicative ofthe degree of rotation of the layout.

Optionally, the set of instructions, when executed in the computersystem further performs a method of tracking the security document, themethod including, in a computer system: receiving indicating data from asensing device, the sensing device being responsive to sensing of thecoded data to generate indicating data indicative of the identity of theproduct item; and, updating, using the received indicating data,tracking data stored in a data store, tracking data being indicative of:the identity of the security document; and, tracking information.

Optionally, the sensing device includes: a housing adapted to be held bya user in use; a radiation source for exposing at least one coded dataportion; a sensor for sensing the at least one exposed coded dataportion; and, a processor for determining, using the at least one sensedcoded data portion, a sensed identity.

Optionally, the set of instructions, when executed in the computersystem further performs a method of determining a counterfeit securitydocument, the security document having disposed thereon or therein codeddata including a number of coded data portions, each coded data portionbeing indicative of: an identity of the security document; and, at leastpart of a signature, the signature being a digital signature of at leastpart of the identity; wherein the method includes: in a sensing device:sensing at least one coded data portion; and, generating, using thesensed coded data portion, indicating data indicative of: the identity;and, at least one signature part; in a processor: determining, from theindicating data: a determined identity; and, at least one determinedsignature part; determining if the security document is a counterfeitdocument using the determined identity and the at least one determinedsignature part.

Optionally, the set of instructions, when executed in the computersystem further performs a method of determining a possible duplicatedsecurity document, wherein the method includes, in a computer system:receiving indicating data from a sensing device, the sensing devicebeing responsive to sensing of the coded data to generate indicatingdata indicative of the identity of the security document; determining,from the indicating data, a determined identity; accessing, using thedetermined identity, tracking data indicative of: the identity of thesecurity document; and, tracking information indicative of the locationof the security document; and, determining, using the trackinginformation, if the security document is a possible duplicate.

Optionally, the computer system is a currency counter and the securitydocument is a currency document, and where the set of instructions, whenexecuted in the currency counter, causes the currency counter to countcurrency documents, the counter including: an input for receiving anumber of currency documents to be counted; an output for providingcounted currency documents; a feed mechanism for transporting currencydocuments from the input to the output along a feed path; a sensor forsensing at least one coded data portion for each currency documenttransported along the feed path; and, a processor for: determining, fromthe at least one sensed coded data portion, a sensed identity for eachcurrency document; determining, from the sensed identity, a determinedvalue for each currency document; and, counting the currency documentsusing the determined values.

Optionally, the set of instructions, when executed in the computersystem further performs a method of providing a security document havinga security feature, the method including: creating the securitydocument; determining an identity associated with the security document;generating a signature using the identity, the signature being a digitalsignature of at least part of the identity; generating coded data, thecoded data including a number of coded data portions, each coded dataportion being indicative of: the identity of the security document; and,at least part of the signature; and, printing the coded data on thesecurity document.

Optionally, the set of instructions, when executed in the computersystem further performs a method of printing the security documenthaving a security feature, the method including: receiving the securitydocument; receiving identity data, the identity data being at leastpartially indicative of an identity of the security document, theidentity data being encrypted using a public key; determining theidentity by decrypting the received identity data using a secret keyassociated with the public key; generating a signature using thedetermined identity, the signature being a digital signature of at leastpart of the identity; generating coded data at least partiallyindicative of: the identity of the security document; and, at least partof the signature; and, printing the coded data on the security document.

Optionally, the set of instructions, when executed in the computersystem further records a transaction relating to the security document,the system including a computer system for: receiving indicating datafrom a sensing device, the sensing device being responsive to sensing ofthe coded data to generate indicating data at least partially indicativeof: the identity of the security document; and, the transaction; and,updating, using the received indicating data, transaction data stored ina data store, the transaction data being indicative of: the identity ofthe security document; and, the transaction.

Optionally, the set of instructions, when executed in the computersystem further performs a method for monitoring transactions involvingthe security document, the method including, in a computer system andfollowing a transaction involving the security document: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of coded data to generate indicating data at leastpartially indicative of: the identity of the security document; and, thetransaction; updating, using the received indicating data, transactiondata stored in a data store, the transaction data being indicative of,for each of a number of security documents, performed transactions;comparing the transaction data to one or more predetermined patterns tothereby determine the presence or absence of a cash flow anomaly.

Optionally, the set of instructions, when executed in the computersystem further operate as a security document database, the databasestoring security document data including, for each of a number ofsecurity documents: identity data, the identity data being at leastpartially indicative of an identity of the security document; attributedata, the attribute data being at least partially indicative of one ormore attributes of the security document; wherein, in use, the securitydocument database allows a computer system to: receive, from a sensingdevice, indicating data at least partially indicative of at least oneof: the identity; and one or more attributes; use the receivedindicating data and the security document data to perform an actionassociated with the security document.

Optionally, the computer system is a currency counter and the securitydocument is a currency document, and where the set of instructions, whenexecuted in the currency counter cause the currency counter to countcurrency documents, the currency counter having: an input for receivinga number of currency documents to be counted; an output for providingcounted currency documents; a feed mechanism for transporting currencydocuments from the input to the output along a feed path; a sensor forsensing at least one coded data portion for each currency documenttransported along the feed path; and, a processor, the set ofinstructions, when executed by the processor, causing the processor to:determine, from the at least one sensed coded data portion, a sensedidentity for each currency document; determine, from the sensedidentity, a determined value for each currency document; and, count thecurrency documents using the determined values.

Optionally, the set of instructions, when executed in a processor foruse in a device for authenticating security documents, cause theprocessor to: receive indicating data from a sensor in the device, thesensor being responsive to sensing of the coded data to generateindicating data at least partially indicative of: the identity; and, atleast part of the signature; determine, from the indicating data, adetermined identity and at least one determined signature part; and,authenticate the security document using the determined identity and theat least one determined signature part.

Optionally, the security document is a currency document and where theset of instructions, when executed in the computer system furtherperforms a method of counting currency documents, the method including,in a sensing device: sensing at least one coded data portion for eachcurrency document; generating, using the sensed coded data portion,indicating data at least partially indicative of the identity of eachcurrency document; and, transferring the indicating data to the computersystem, the computer system being responsive to the indicating data to:determine, using the indicating data, a determined identity for eachcurrency document; determine, using each determined identity, a valuefor each currency document; and, count the currency documents using thedetermined values.

Optionally, the security document is a currency document and where theset of instructions, when executed in the computer system furtherperforms a method for authenticating and evaluating a currency document,the method including, in a sensing device: sensing at least one codeddata portion; generating, using the sensed coded data portion,indicating data at least partially indicative of: an identity of thecurrency document; and at least part of a signature, the signature beinga digital signature of at least part of the identity; and, transferringthe indicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, from the indicatingdata, a received identity, and a received signature part; authenticatethe currency document using the received identity and the receivedsignature part; and, in response to a successful authentication,determine, using the received identity, a value associated with thecurrency document.

Optionally, the security document includes anti-copy protection, theidentity being uniquely indicative of the respective security documentand being stored in a data store to allow for duplication of thesecurity document to be determined.

Optionally, the security document includes anti-forgery protection, eachcoded data portion being further indicative of at least part of asignature, the signature being formed by encrypting at least part of theidentity using a private key of public/private key pair, such that:valid security documents can only be created using the private key; and,validity of the security document can be confirmed using thecorresponding public key.

Optionally, the set of instructions, when executed in the computersystem further performs a method of recovering a stolen securitydocument, the method including in a computer system: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of the coded data to generate indicating data atleast partially indicative of the identity; determining, using theindicating data, a determined identity; accessing, using the determinedidentity, transaction data stored in a data store, the transaction databeing indicative of a security document status; determining, using thesecurity document status, if the security document is stolen; and, inresponse to a positive determination, causing the security document tobe recovered.

In a twelfth broad form the invention provides a set of instructions fora currency counter, the currency counter being used for countingcurrency documents where each currency document having disposed thereinor thereon at least one coded data portion being indicative of at leastan identity of the currency document, the currency counter having: aninput for receiving a number of currency documents to be counted; anoutput for providing counted currency documents; a feed mechanism fortransporting currency documents from the input to the output along afeed path; a sensor for sensing at least one coded data portion for eachcurrency document transported along the feed path; and, a processor, theset of instructions, when executed by the processor, causing theprocessor to: determine, from the at least one sensed coded dataportion, a sensed identity for each currency document; determine, fromthe sensed identity, a determined value for each currency document; and,count the currency documents using the determined values.

Optionally, each coded data portion is further indicative of at leastpart of a signature, the signature being a digital signature of at leastpart of the identity, wherein the set of instructions cause theprocessor to cause authentication of the currency documents, using thesensed identity and the at least one sensed signature part.

Optionally, the authentication is performed by at least one of: theprocessor; and, a computer system, wherein the processor: generatesindicating data at least partially indicative of: the identity; and, atleast part of the signature; and, transfers the indicating data to thecomputer system.

Optionally, the indicating data is transmitted to the computer system atleast one of: after the currency counter scans: each currency document;a predetermined number of currency documents; and, the currencydocuments provided in the input; and, periodically.

Optionally, the currency counter includes a display device, the executedset of instructions causing the processor to display, using the displaydevice at least one of: results of an authentication; at least onecurrency document value; and, a count total.

Optionally, the currency counter includes a data store for storing atleast one: a key for authenticating the currency documents; and, paddingfor determining the signature; where the processor performsauthentication using data cached in the data store.

Optionally, the set of instructions, when executed by the processor,cause the processor to: for each currency document, generate indicatingdata further indicative of at least one of: the time the currencycounter scanned the currency document; currency document attributes;and, the location of the currency counter when the currency document wasscanned.

Optionally, the signature is a digital signature of at least part of theidentity and at least part of predetermined padding, the padding beingat least one of: a predetermined number; and, a random number.

Optionally, the entire signature is encoded within a plurality of codeddata portions and wherein the system includes the sensing deviceconfigured to sense a number of coded data portions to thereby determinethe entire signature.

Optionally, the coded data includes a plurality of layouts, each layoutdefining the position of a plurality of first symbols encoding theidentity, and a plurality of second symbols defining at least part ofthe signature.

Optionally, the coded data is substantially invisible to an unaidedhuman.

Optionally, the coded data is printed on the surface using at least oneof: an invisible ink; and, an infrared-absorptive ink.

Optionally, the coded data is provided substantially coincident withvisible human-readable information.

Optionally at least one coded data portion encodes the entire signature.

Optionally the entire signature is formed from a plurality of signatureparts, and wherein each coded data portion encodes a respectivesignature part.

Optionally, at least some of the coded data portions encode at least oneof: a location of the respective coded data portion; a position of therespective coded data portion on the surface; a size of the coded dataportions; a size of a signature; an identity of a signature part; and,units of indicated locations.

Optionally, the coded data includes at least one of: redundant data;data allowing error correction; Reed-Solomon data; and, CyclicRedundancy Check (CRC) data.

Optionally, the digital signature includes at least one of: a randomnumber associated with the identity; a keyed hash of at least theidentity; a keyed hash of at least the identity produced using a privatekey, and verifiable using a corresponding public key; cipher-textproduced by encrypting at least the identity; cipher-text produced byencrypting at least the identity and a random number; and, cipher-textproduced using a private key, and verifiable using a correspondingpublic key; and, cipher-text produced using RSA encryption.

Optionally, the currency document is at least one of: a currency note; acheck; a credit or debit card; a redeemable ticket, voucher, or coupon;a lottery ticket or instant win ticket; and, an identity card ordocument, such as a driver's license or passport.

Optionally, the identity is indicative of at least one of: a currencynote attribute including at least one of: currency; issue country;denomination; note side; printing works; and serial number; a checkattribute including at least one of: currency; issuing institution;account number; serial number; expiry date; check value; and limit; acard attribute including at least one of: card type; issuinginstitution; account number; issue date; expiry date; and limit.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout including n identical sub-layouts rotated 1/n revolutions apartabout a centre of rotation, at least one sub-layout includingrotation-indicating data that distinguishes that sub-layout from eachother sub-layout.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout encoding orientation-indicating data comprising a sequence of aninteger multiple m of n symbols, where m is one or more, each encodedsymbol being distributed at n locations about a centre of rotationalsymmetry of the layout such that decoding the symbols at each of the norientations of the layout produces n representations of theorientation-indicating data, each representation comprising a differentcyclic shift of the orientation-indicating data and being indicative ofthe degree of rotation of the layout.

Optionally, the set of instructions, when executed in the computersystem further performs a method of tracking the currency document, themethod including, in a computer system: receiving indicating data from asensing device, the sensing device being responsive to sensing of thecoded data to generate indicating data indicative of the identity of theproduct item; and, updating, using the received indicating data,tracking data stored in a data store, tracking data being indicative of:the identity of the currency document; and, tracking information.

Optionally, the sensing device includes: a housing adapted to be held bya user in use; a radiation source for exposing at least one coded dataportion; a sensor for sensing the at least one exposed coded dataportion; and, a processor for determining, using the at least one sensedcoded data portion, a sensed identity.

Optionally, the set of instructions, when executed in the computersystem further performs a method of determining a counterfeit currencydocument, the currency document having disposed thereon or therein codeddata including a number of coded data portions, each coded data portionbeing indicative of: an identity of the currency document; and, at leastpart of a signature, the signature being a digital signature of at leastpart of the identity; wherein the method includes: in a sensing device:sensing at least one coded data portion; and, generating, using thesensed coded data portion, indicating data indicative of: the identity;and, at least one signature part; in a processor: determining, from theindicating data: a determined identity; and, at least one determinedsignature part; determining if the currency document is a counterfeitdocument using the determined identity and the at least one determinedsignature part.

Optionally, the set of instructions, when executed in the computersystem further performs a method of determining a possible duplicatedcurrency document, wherein the method includes, in a computer system:receiving indicating data from a sensing device, the sensing devicebeing responsive to sensing of the coded data to generate indicatingdata indicative of the identity of the currency document; determining,from the indicating data, a determined identity; accessing, using thedetermined identity, tracking data indicative of: the identity of thecurrency document; and, tracking information indicative of the locationof the currency document; and, determining, using the trackinginformation, if the currency document is a possible duplicate.

Optionally, the set of instructions, when executed in the computersystem further performs a method of providing a currency document havinga currency feature, the method including: creating the currencydocument; determining an identity associated with the currency document;generating a signature using the identity, the signature being a digitalsignature of at least part of the identity; generating coded data, thecoded data including a number of coded data portions, each coded dataportion being indicative of: the identity of the currency document; and,at least part of the signature; and, printing the coded data on thecurrency document.

Optionally, the set of instructions, when executed in the computersystem further performs a method of printing the currency documenthaving a currency feature, the method including: receiving the currencydocument; receiving identity data, the identity data being at leastpartially indicative of an identity of the currency document, theidentity data being encrypted using a public key; determining theidentity by decrypting the received identity data using a secret keyassociated with the public key; generating a signature using thedetermined identity, the signature being a digital signature of at leastpart of the identity; generating coded data at least partiallyindicative of: the identity of the currency document; and, at least partof the signature; and, printing the coded data on the currency document.

Optionally, the set of instructions, when executed in the computersystem further records a transaction relating to the currency document,the system including a computer system for: receiving indicating datafrom a sensing device, the sensing device being responsive to sensing ofthe coded data to generate indicating data at least partially indicativeof: the identity of the currency document; and, the transaction; and,updating, using the received indicating data, transaction data stored ina data store, the transaction data being indicative of: the identity ofthe currency document; and, the transaction.

Optionally, the set of instructions, when executed in the computersystem further performs a method for monitoring transactions involvingthe currency document, the method including, in a computer system andfollowing a transaction involving the currency document: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of coded data to generate indicating data at leastpartially indicative of: the identity of the currency document; and, thetransaction; updating, using the received indicating data, transactiondata stored in a data store, the transaction data being indicative of,for each of a number of currency documents, performed transactions;comparing the transaction data to one or more predetermined patterns tothereby determine the presence or absence of a cash flow anomaly.

Optionally, the set of instructions, when executed in the computersystem further operate as a currency document database, the databasestoring currency document data including, for each of a number ofcurrency documents: identity data, the identity data being at leastpartially indicative of an identity of the currency document; attributedata, the attribute data being at least partially indicative of one ormore attributes of the currency document; wherein, in use, the currencydocument database allows a computer system to: receive, from a sensingdevice, indicating data at least partially indicative of at least oneof: the identity; and one or more attributes; use the receivedindicating data and the currency document data to perform an actionassociated with the currency document.

Optionally, the set of instructions cause the processor to monitortransactions involving currency documents including: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of coded data to generate indicating data at leastpartially indicative of: the identity of the currency document; and, thetransaction; updating, using the received indicating data, transactiondata stored in a data store, the transaction data being indicative of:the identity of the currency document; and, the transaction.

Optionally, the set of instructions, when executed in a processor foruse in a device for authenticating currency documents, cause theprocessor to: receive indicating data from a sensor in the device, thesensor being responsive to sensing of the coded data to generateindicating data at least partially indicative of: the identity; and, atleast part of the signature; determine, from the indicating data, adetermined identity and at least one determined signature part; and,authenticate the currency document using the determined identity and theat least one determined signature part.

Optionally, the currency document is a currency document and where theset of instructions, when executed in the computer system furtherperforms a method of counting currency documents, the method including,in a sensing device: sensing at least one coded data portion for eachcurrency document; generating, using the sensed coded data portion,indicating data at least partially indicative of the identity of eachcurrency document; and, transferring the indicating data to the computersystem, the computer system being responsive to the indicating data to:determine, using the indicating data, a determined identity for eachcurrency document; determine, using each determined identity, a valuefor each currency document; and, count the currency documents using thedetermined values.

Optionally, the currency document is a currency document and where theset of instructions, when executed in the computer system furtherperforms a method for authenticating and evaluating a currency document,the method including, in a sensing device: sensing at least one codeddata portion; generating, using the sensed coded data portion,indicating data at least partially indicative of: an identity of thecurrency document; and at least part of a signature, the signature beinga digital signature of at least part of the identity; and, transferringthe indicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, from the indicatingdata, a received identity, and a received signature part; authenticatethe currency document using the received identity and the receivedsignature part; and, in response to a successful authentication,determine, using the received identity, a value associated with thecurrency document.

Optionally, the currency document includes anti-copy protection, theidentity being uniquely indicative of the respective currency documentand being stored in a data store to allow for duplication of thecurrency document to be determined.

Optionally, the currency document includes anti-forgery protection, eachcoded data portion being further indicative of at least part of asignature, the signature being formed by encrypting at least part of theidentity using a private key of public/private key pair, such that:valid currency documents can only be created using the private key; and,validity of the currency document can be confirmed using thecorresponding public key.

Optionally, the set of instructions, when executed in the computersystem further performs a method of recovering a stolen currencydocument, the method including in a computer system: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of the coded data to generate indicating data atleast partially indicative of the identity; determining, using theindicating data, a determined identity; accessing, using the determinedidentity, transaction data stored in a data store, the transaction databeing indicative of a currency document status; determining, using thecurrency document status, if the currency document is stolen; and, inresponse to a positive determination, causing the currency document tobe recovered.

In a thirteenth broad form the invention provides a processor for use ina device for authenticating security documents, the security documenthaving disposed thereon or therein coded data at least partiallyindicative of an identity of the security document and a signature, thesignature being a digital signature of at least part of the identity,the processor being adapted to: receive indicating data from a sensor inthe device, the sensor being responsive to sensing of the coded data togenerate indicating data at least partially indicative of: the identity;and, at least part of the signature; determine, from the indicatingdata, a determined identity and at least one determined signature part;and, authenticate the security document using the determined identityand the at least one determined signature part.

Optionally, the processor: determines, using the determined identity anda secret key, a determined signature; compares the determined signatureto the at least one determined signature part; and, authenticates thesecurity document using the results of the comparison.

Optionally, the processor stores a number of secret keys in a datastore.

Optionally, the device includes a display device coupled to theprocessor and where the processor causes the display device to displaythe results of the authentication.

Optionally, the processor includes an internal memory forming the datastore, and where the processor and internal memory are provided as amonolithic chip.

Optionally, each coded data portion is further indicative of at leastpart of a signature, the signature being a digital signature of at leastpart of the identity, and wherein the processor: determines, from theindicating data, a determined identity and at least one determinedsignature part; and, authenticates the security document using thedetermined identity and the at least one determined signature part.

Optionally, the signature is a digital signature of at least part of theidentity and at least part of predetermined padding, the padding beingat least one of: a predetermined number; and, a random number.

Optionally, the entire signature is encoded within a plurality of codeddata portions and wherein the system includes the sensing deviceconfigured to sense a number of coded data portions to thereby determinethe entire signature.

Optionally, the coded data includes a plurality of layouts, each layoutdefining the position of a plurality of first symbols encoding theidentity, and a plurality of second symbols defining at least part ofthe signature.

Optionally, the coded data is substantially invisible to an unaidedhuman.

Optionally, the coded data is printed on the surface using at least oneof: an invisible ink; and, an infrared-absorptive ink.

Optionally, the coded data is provided substantially coincident withvisible human-readable information.

Optionally at least one coded data portion encodes the entire signature.

Optionally the entire signature is formed from a plurality of signatureparts, and wherein each coded data portion encodes a respectivesignature part.

Optionally, at least some of the coded data portions encode at least oneof: a location of the respective coded data portion; a position of therespective coded data portion on the surface; a size of the coded dataportions; a size of a signature; an identity of a signature part; and,units of indicated locations.

Optionally, the coded data includes at least one of: redundant data;data allowing error correction; Reed-Solomon data; and, CyclicRedundancy Check (CRC) data.

Optionally, the digital signature includes at least one of: a randomnumber associated with the identity; a keyed hash of at least theidentity; a keyed hash of at least the identity produced using a privatekey, and verifiable using a corresponding public key; cipher-textproduced by encrypting at least the identity; cipher-text produced byencrypting at least the identity and a random number; and, cipher-textproduced using a private key, and verifiable using a correspondingpublic key; and, cipher-text produced using RSA encryption.

Optionally, the security document is at least one of: a currency note; acheck; a credit or debit card; a redeemable ticket, voucher, or coupon;a lottery ticket or instant win ticket; and, an identity card ordocument, such as a driver's license or passport.

Optionally, the identity is indicative of at least one of: a currencynote attribute including at least one of: currency; issue country;denomination; note side; printing works; and serial number; a checkattribute including at least one of: currency; issuing institution;account number; serial number; expiry date; check value; and limit; acard attribute including at least one of: card type; issuinginstitution; account number; issue date; expiry date; and limit.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout including n identical sub-layouts rotated 1/n revolutions apartabout a centre of rotation, at least one sub-layout includingrotation-indicating data that distinguishes that sub-layout from eachother sub-layout.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout encoding orientation-indicating data comprising a sequence of aninteger multiple m of n symbols, where m is one or more, each encodedsymbol being distributed at n locations about a centre of rotationalsymmetry of the layout such that decoding the symbols at each of the norientations of the layout produces n representations of theorientation-indicating data, each representation comprising a differentcyclic shift of the orientation-indicating data and being indicative ofthe degree of rotation of the layout.

Optionally, the processor is used in at least one of the followingdevices: an automatic teller machine; a currency counter; a cashregister; a hand held scanner; a vending machine; and, a mobile phone.

Optionally, the processor is further used in a method of tracking asecurity document, the method including, in the processor: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of the coded data to generate indicating dataindicative of the identity of the product item; and, updating, using thereceived indicating data, tracking data stored in a data store, trackingdata being indicative of: the identity of the security document; and,tracking information.

Optionally, the processor is used in a sensing device for use with asecurity document, the sensing device including: a housing adapted to beheld by a user in use; a radiation source for exposing at least onecoded data portion; a sensor for sensing the at least one exposed codeddata portion; and, the processor for determining, using the at least onesensed coded data portion, a sensed identity.

Optionally, the processor is further used in a method of determining acounterfeit security document, wherein the method includes: in a sensingdevice: sensing at least one coded data portion; and, generating, usingthe sensed coded data portion, indicating data indicative of: theidentity; and, at least one signature part; and, in the processor:determining if the security document is a counterfeit document using thedetermined identity and the at least one determined signature part.

Optionally, the processor is further used in a method of determining apossible duplicated security document, wherein the method includes, in aprocessor: receiving indicating data from a sensing device, the sensingdevice being responsive to sensing of the coded data to generateindicating data indicative of the identity of the security document;determining, from the indicating data, a determined identity; accessing,using the determined identity, tracking data indicative of: the identityof the security document; and, tracking information indicative of thelocation of the security document; and, determining, using the trackinginformation, if the security document is a possible duplicate.

Optionally, the processor is further used in a currency counter forcounting currency documents, each currency document having disposedthereon or therein coded data including a number of coded data portions,each coded data portion being indicative of an identity of the currencydocument, the counter including: an input for receiving a number ofcurrency documents to be counted; an output for providing countedcurrency documents; a feed mechanism for transporting currency documentsfrom the input to the output along a feed path; a sensor for sensing atleast one coded data portion for each currency document transportedalong the feed path; and, the processor for: determining, from the atleast one sensed coded data portion, a sensed identity for each currencydocument; determining, from the sensed identity, a determined value foreach currency document; and, counting the currency documents using thedetermined values.

Optionally, the processor is further used in a method of providing asecurity document having a security feature, the method including:creating the security document; determining an identity associated withthe security document; generating a signature using the identity, thesignature being a digital signature of at least part of the identity;generating coded data, the coded data including a number of coded dataportions, each coded data portion being indicative of: the identity ofthe security document; and, at least part of the signature; and,printing the coded data on the security document.

Optionally, the processor is further used in a method of printing asecurity document having a security feature, the method including:receiving the security document; receiving identity data, the identitydata being at least partially indicative of an identity of the securitydocument, the identity data being encrypted using a public key;determining the identity by decrypting the received identity data usinga secret key associated with the public key; generating a signatureusing the determined identity, the signature being a digital signatureof at least part of the identity; generating coded data at leastpartially indicative of: the identity of the security document; and, atleast part of the signature; and, printing the coded data on thesecurity document.

Optionally, the processor is further used in a system for recording atransaction relating to a security document and where the processor isfurther used for: receiving indicating data from a sensing device, thesensing device being responsive to sensing of the coded data to generateindicating data at least partially indicative of: the identity of thesecurity document; and, the transaction; and, updating, using thereceived indicating data, transaction data stored in a data store, thetransaction data being indicative of: the identity of the securitydocument; and, the transaction.

Optionally, the processor is further used in a method for monitoringtransactions involving security documents, the method including, in theprocessor and following a transaction involving a security document:receiving indicating data from a sensing device, the sensing devicebeing responsive to sensing of coded data to generate indicating data atleast partially indicative of: the identity of the security document;and, the transaction; updating, using the received indicating data,transaction data stored in a data store, the transaction data beingindicative of, for each of a number of security documents, performedtransactions; comparing the transaction data to one or morepredetermined patterns to thereby determine the presence or absence of acash flow anomaly.

Optionally, the processor is further used to access a security documentdatabase, the database storing security document data including, foreach of a number of security documents: identity data, the identity databeing at least partially indicative of an identity of the securitydocument; attribute data, the attribute data being at least partiallyindicative of one or more attributes of the security document; wherein,in use, the security document database allows the processor to: receive,from a sensing device, indicating data at least partially indicative ofat least one of: the identity; and one or more attributes; use thereceived indicating data and the security document data to perform anaction associated with the security document.

Optionally, the processor is further used to execute a set ofinstructions for monitoring transactions involving security documents,the set of instructions, when executed by the processor cause theprocessor to: receive indicating data from a sensing device, the sensingdevice being responsive to sensing of coded data to generate indicatingdata at least partially indicative of: the identity of the securitydocument; and, the transaction; updating, using the received indicatingdata, transaction data stored in a data store, the transaction databeing indicative of: the identity of the security document; and, thetransaction.

Optionally, the processor is further used to execute a set ofinstructions for a currency counter, the currency counter being used forcounting currency documents where each currency document having disposedtherein or thereon at least one coded data portion being indicative ofat least an identity of the currency document, the currency counterhaving: an input for receiving a number of currency documents to becounted; an output for providing counted currency documents; a feedmechanism for transporting currency documents from the input to theoutput along a feed path; a sensor for sensing at least one coded dataportion for each currency document transported along the feed path; and,the processor, the set of instructions, when executed by the processor,causing the processor to: determine, from the at least one sensed codeddata portion, a sensed identity for each currency document; determine,from the sensed identity, a determined value for each currency document;and, count the currency documents using the determined values.

Optionally, the processor is further used in a method of countingcurrency documents, each currency document having disposed thereon ortherein coded data including a plurality of coded data portions, eachcoded data portion being at least partially indicative of an identity ofthe currency document, the method including, in a sensing device:sensing at least one coded data portion for each currency document;generating, using the sensed coded data portion, indicating data atleast partially indicative of the identity of each currency document;and, transferring the indicating data to a computer system, the computersystem being responsive to the indicating data to: determine, using theindicating data, a determined identity for each currency document;determine, using each determined identity, a value for each currencydocument; and, count the currency documents using the determined values.

Optionally, the processor is further used in a method for authenticatingand evaluating a currency document, the currency document havingdisposed thereon or therein coded data including a plurality of codeddata portions, the method including, in a sensing device: sensing atleast one coded data portion; generating, using the sensed coded dataportion, indicating data at least partially indicative of: an identityof the currency document; and at least part of a signature, thesignature being a digital signature of at least part of the identity;and, transferring the indicating data to a computer system, the computersystem being responsive to the indicating data to: determine, from theindicating data, a received identity, and a received signature part;authenticate the currency document using the received identity and thereceived signature part; and, in response to a successfulauthentication, determine, using the received identity, a valueassociated with the currency document.

Optionally, the security document includes anti-copy protection, thesecurity document having disposed thereon or therein coded dataincluding a number of coded data portions, each coded data portion beingindicative of an identity, the identity being uniquely indicative of therespective security document and being stored in a data store to allowfor duplication of the security document to be determined.

Optionally, the security document includes anti-forgery protection, thesecurity document having disposed thereon or therein coded dataincluding a plurality of coded data portions, each coded data portionbeing indicative of: an identity of the currency document; and at leastpart of a signature, the signature being formed by encrypting at leastpart of the identity using a private key of public/private key pair,such that: valid security documents can only be created using theprivate key; and, validity of the security document can be confirmedusing the corresponding public key.

Optionally, the processor is further used in a method of recovering astolen security document, the method including in a computer system:receiving indicating data from a sensing device, the sensing devicebeing responsive to sensing of the coded data to generate indicatingdata at least partially indicative of the identity; determining, usingthe indicating data, a determined identity; accessing, using thedetermined identity, transaction data stored in a data store, thetransaction data being indicative of a security document status;determining, using the security document status, if the securitydocument is stolen; and, in response to a positive determination,causing the security document to be recovered.

In a fourteenth broad form the invention provides a method of countingcurrency documents, each currency document having disposed thereon ortherein coded data including a plurality of coded data portions, eachcoded data portion being at least partially indicative of an identity ofthe currency document, the method including, in a sensing device:sensing at least one coded data portion for each currency document;generating, using the sensed coded data portion, indicating data atleast partially indicative of the identity of each currency document;and, transferring the indicating data to a computer system, the computersystem being responsive to the indicating data to: determine, using theindicating data, a determined identity for each currency document;determine, using each determined identity, a value for each currencydocument; and, count the currency documents using the determined values.

Optionally, the indicating data is further indicative of at least oneof: a signature; a time the sensing device scanned the currencydocument; currency document attributes; and, a location of the sensingdevice when the currency document was sensed.

Optionally, the method includes transmitting the indicating data to thecomputer system at least one of: after the sensing device scans: eachcurrency document; and, a predetermined number of currency documents;and, periodically.

Optionally, the sensing device includes an indicator, where the methodincludes causing the indicator to provide at least one of: an indicationrelated to the success of sensing the at least one coded data portions;a count indicative of the number of sensed currency documents; the valueof the sensed currency document; and, an incremental value of the sensedcurrency documents.

Optionally, the sensing device stores data indicative of at least one ofan identity of the sensing device and an identity of a user, and whereinmethod includes the sensing device generating the indicating data usingthe stored data.

Optionally, each coded data portion is further indicative of at leastpart of a signature, the signature being a digital signature of at leastpart of the identity, and wherein the method includes: determining, fromthe indicating data, a determined identity and at least one determinedsignature part; and, authenticating the security document using thedetermined identity and the at least one determined signature part.

Optionally, the signature is a digital signature of at least part of theidentity and at least part of predetermined padding, the padding beingat least one of: a predetermined number; and, a random number.

Optionally, the entire signature is encoded within a plurality of codeddata portions and wherein the method includes the sensing device sensinga number of coded data portions to thereby determine the entiresignature.

Optionally, the coded data includes a plurality of layouts, each layoutdefining the position of a plurality of first symbols encoding theidentity, and a plurality of second symbols defining at least part ofthe signature.

Optionally, the coded data is substantially invisible to an unaidedhuman.

Optionally, the coded data is printed on the surface using at least oneof: an invisible ink; and, an infrared-absorptive ink.

Optionally, the coded data is provided substantially coincident withvisible human-readable information.

Optionally at least one coded data portion encodes the entire signature.

Optionally the entire signature is formed from a plurality of signatureparts, and wherein each coded data portion encodes a respectivesignature part.

Optionally, at least some of the coded data portions encode at least oneof: a location of the respective coded data portion; a position of therespective coded data portion on the surface; a size of the coded dataportions; a size of a signature; an identity of a signature part; and,units of indicated locations.

Optionally, the coded data includes at least one of: redundant data;data allowing error correction; Reed-Solomon data; and, CyclicRedundancy Check (CRC) data.

Optionally, the digital signature includes at least one of: a randomnumber associated with the identity; a keyed hash of at least theidentity; a keyed hash of at least the identity produced using a privatekey, and verifiable using a corresponding public key; cipher-textproduced by encrypting at least the identity; cipher-text produced byencrypting at least the identity and a random number; and, cipher-textproduced using a private key, and verifiable using a correspondingpublic key; and, cipher-text produced using RSA encryption.

Optionally, the security document is at least one of: a currency note; acheck; a credit or debit card; a redeemable ticket, voucher, or coupon;a lottery ticket or instant win ticket; and, an identity card ordocument, such as a driver's license or passport.

Optionally, the identity is indicative of at least one of: a currencynote attribute including at least one of: currency; issue country;denomination; note side; printing works; and serial number; a checkattribute including at least one of: currency; issuing institution;account number; serial number; expiry date; check value; and limit; acard attribute including at least one of: card type; issuinginstitution; account number; issue date; expiry date; and limit.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout including n identical sub-layouts rotated 1/n revolutions apartabout a centre of rotation, at least one sub-layout includingrotation-indicating data that distinguishes that sub-layout from eachother sub-layout.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout encoding orientation-indicating data comprising a sequence of aninteger multiple m of n symbols, where m is one or more, each encodedsymbol being distributed at n locations about a centre of rotationalsymmetry of the layout such that decoding the symbols at each of the norientations of the layout produces n representations of theorientation-indicating data, each representation comprising a differentcyclic shift of the orientation-indicating data and being indicative ofthe degree of rotation of the layout.

Optionally, the method is further used for tracking a security document,the method including, in a computer system: receiving indicating datafrom a sensing device, the sensing device being responsive to sensing ofthe coded data to generate indicating data indicative of the identity ofthe product item; and, updating, using the received indicating data,tracking data stored in a data store, tracking data being indicative of:the identity of the product item; and, tracking information.

Optionally, the sensing device includes: a housing adapted to be held bya user in use; a radiation source for exposing at least one coded dataportion; a sensor for sensing the at least one exposed coded dataportion; and, a processor for determining, using the at least one sensedcoded data portion, a sensed identity.

Optionally, the method is further used for determining a counterfeitsecurity document, each coded data portion being further indicative ofat least part of a signature, the signature being a digital signature ofat least part of the identity, wherein the method further includes: in asensing device: generating, using the sensed coded data portion,indicating data indicative of: the identity; and, at least one signaturepart; and, in a processor: determining, from the indicating data: adetermined identity; and, at least one determined signature part; and,determining if the security document is a counterfeit document using thedetermined identity and the at least one determined signature part.

Optionally, the method is further used for determining a possibleduplicated security document, wherein the method includes, in a computersystem: receiving indicating data from a sensing device, the sensingdevice being responsive to sensing of the coded data to generateindicating data indicative of the identity of the security document;determining, from the indicating data, a determined identity; accessing,using the determined identity, tracking data indicative of: the identityof the security document; and, tracking information indicative of thelocation of the security document; and, determining, using the trackinginformation, if the security document is a possible duplicate.

Optionally, the method is used in a currency counter for countingcurrency documents, each currency document having disposed thereon ortherein coded data including a number of coded data portions, each codeddata portion being indicative of an identity of the currency document,the counter including: an input for receiving a number of currencydocuments to be counted; an output for providing counted currencydocuments; a feed mechanism for transporting currency documents from theinput to the output along a feed path; a sensor for sensing at least onecoded data portion for each currency document transported along the feedpath; and, a processor for: determining, from the at least one sensedcoded data portion, a sensed identity for each currency document;determining, from the sensed identity, a determined value for eachcurrency document; and, counting the currency documents using thedetermined values.

Optionally, the security document having a security feature, wherein themethod of providing the security document includes: creating thesecurity document; determining an identity associated with the securitydocument; generating a signature using the identity, the signature beinga digital signature of at least part of the identity; generating codeddata, the coded data including a number of coded data portions, eachcoded data portion being indicative of: the identity of the securitydocument; and, at least part of the signature; and, printing the codeddata on the security document.

Optionally, the security document being printed with a security feature,wherein the method of printing the security document includes: receivingthe security document; receiving identity data, the identity data beingat least partially indicative of an identity of the security document,the identity data being encrypted using a public key; determining theidentity by decrypting the received identity data using a secret keyassociated with the public key; generating a signature using thedetermined identity, the signature being a digital signature of at leastpart of the identity; generating coded data at least partiallyindicative of: the identity of the security document; and, at least partof the signature; and, printing the coded data on the security document.

Optionally, the method is used in a system for recording a transactionrelating to a security document, the system including a computer systemfor: receiving indicating data from a sensing device, the sensing devicebeing responsive to sensing of the coded data to generate indicatingdata at least partially indicative of: the identity of the securitydocument; and, the transaction; and, updating, using the receivedindicating data, transaction data stored in a data store, thetransaction data being indicative of: the identity of the securitydocument; and, the transaction.

Optionally, the method is further used for monitoring transactionsinvolving security documents, the method including, in a computer systemand following a transaction involving a security document: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of coded data to generate indicating data at leastpartially indicative of: the identity of the security document; and, thetransaction; updating, using the received indicating data, transactiondata stored in a data store, the transaction data being indicative of,for each of a number of security documents, performed transactions;comparing the transaction data to one or more predetermined patterns tothereby determine the presence or absence of a cash flow anomaly.

Optionally, the method includes using a security document database, thedatabase storing security document data including, for each of a numberof security documents: identity data, the identity data being at leastpartially indicative of an identity of the security document; attributedata, the attribute data being at least partially indicative of one ormore attributes of the security document; wherein, in use, the securitydocument database allows a computer system to: receive, from a sensingdevice, indicating data at least partially indicative of at least oneof: the identity; and one or more attributes; use the receivedindicating data and the security document data to perform an actionassociated with the security document.

Optionally, the method is further used for causing a computer system tomonitor transactions involving security documents, the method beingperformed using a set of instructions, each security document havingdisposed thereon or therein coded data including a number of coded dataportions, each coded data portion being indicative of at least anidentity of the security document, the set of instructions, whenexecuted by the computer system, causing the computer system to: receiveindicating data from a sensing device, the sensing device beingresponsive to sensing of coded data to generate indicating data at leastpartially indicative of: the identity of the security document; and, thetransaction; updating, using the received indicating data, transactiondata stored in a data store, the transaction data being indicative of:the identity of the security document; and, the transaction.

Optionally, the method is used in a processor for use in a device forauthenticating security documents, the coded data further being at leastpartially indicative of a signature, the signature being a digitalsignature of at least part of the identity, the processor being adaptedto: receive indicating data from a sensor in the device, the sensorbeing responsive to sensing of the coded data to generate indicatingdata at least partially indicative of: the identity; and, at least partof the signature; determine, from the indicating data, a determinedidentity and at least one determined signature part; and, authenticatethe security document using the determined identity and the at least onedetermined signature part.

Optionally, the method is further used for counting currency documents,each currency document having disposed thereon or therein coded dataincluding a plurality of coded data portions, each coded data portionbeing at least partially indicative of an identity of the currencydocument, the method including, in a sensing device: sensing at leastone coded data portion for each currency document; generating, using thesensed coded data portion, indicating data at least partially indicativeof the identity of each currency document; and, transferring theindicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, using the indicatingdata, a determined identity for each currency document; determine, usingeach determined identity, a value for each currency document; and, countthe currency documents using the determined values.

Optionally, the method further being used for authenticating andevaluating a currency document, the currency document having disposedthereon or therein coded data including a plurality of coded dataportions, the method including, in a sensing device: sensing at leastone coded data portion; generating, using the sensed coded data portion,indicating data at least partially indicative of: an identity of thecurrency document; and at least part of a signature, the signature beinga digital signature of at least part of the identity; and, transferringthe indicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, from the indicatingdata, a received identity, and a received signature part; authenticatethe currency document using the received identity and the receivedsignature part; and, in response to a successful authentication,determine, using the received identity, a value associated with thecurrency document.

Optionally, the security document includes anti-copy protection, theidentity being uniquely indicative of the respective security documentand being stored in a data store to allow for duplication of thesecurity document to be determined.

Optionally, the security document includes anti-forgery protection, eachcoded data portion being further indicative of at least part of asignature, the signature being formed by encrypting at least part of theidentity using a private key of public/private key pair, such that:valid security documents can only be created using the private key; and,validity of the security document can be confirmed using thecorresponding public key.

Optionally, the method is further used for recovering a stolen securitydocument, the method including in a computer system: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of the coded data to generate indicating data atleast partially indicative of the identity; determining, using theindicating data, a determined identity; accessing, using the determinedidentity, transaction data stored in a data store, the transaction databeing indicative of a security document status; determining, using thesecurity document status, if the security document is stolen; and, inresponse to a positive determination, causing the security document tobe recovered.

In another broad form the invention provides a method of countingcurrency documents, each currency document having disposed thereon ortherein coded data including a plurality of coded data portions, eachcoded data portion being at least partially indicative of an identity ofthe currency document, the method including, in a computer system:receiving indicating data from a sensing device, the sensing deviceadapted to sense at least one coded data portion for each currencydocument, and generate, using the sensed coded data portion, theindicating data at least partially indicative of the identity of eachcurrency document; determining, using the indicating data, a determinedidentity for each currency document; determining, using each determinedidentity, a value for each currency document; and, counting the currencydocuments using the determined values.

In a fifteenth broad form the invention provides a method forauthenticating and evaluating a currency document, the currency documenthaving disposed thereon or therein coded data including a plurality ofcoded data portions, the method including, in a sensing device: sensingat least one coded data portion; generating, using the sensed coded dataportion, indicating data at least partially indicative of: an identityof the currency document; and at least part of a signature, thesignature being a digital signature of at least part of the identity;and, transferring the indicating data to a computer system, the computersystem being responsive to the indicating data to: determine, from theindicating data, a received identity, and a received signature part;authenticate the currency document using the received identity and thereceived signature part; and, in response to a successfulauthentication, determine, using the received identity, a valueassociated with the currency document.

Optionally, the indicating data is further indicative of: a time thesensing device scanned the currency document; currency documentattributes; and, a location of the sensing device when the currencydocument was sensed.

Optionally, the method includes transmitting the indicating data to thecomputer system at least one of: after the sensing device senses: eachcurrency document; and, a predetermined number of currency documents;and, periodically.

Optionally, the sensing device includes an indicator, where the methodincludes causing the indicator to provide at least one of: an indicationof the success of sensing the at least one coded data portion; anindication of an authenticity of the currency document; a countindicative of the number of sensed currency documents; the value of thesensed currency document; and, an incremental value of the sensedcurrency documents.

Optionally, the entire signature is encoded in a plurality of dataportions and wherein the method includes causing the indicator toindicate if the entire signature can be determined from the sensed codeddata portions.

Optionally, each coded data portion is further indicative of at leastpart of a signature, the signature being a digital signature of at leastpart of the identity, and wherein the method includes: determining, fromthe indicating data, a determined identity and at least one determinedsignature part; and, authenticating the security document using thedetermined identity and the at least one determined signature part.

Optionally, the signature is a digital signature of at least part of theidentity and at least part of predetermined padding, the padding beingat least one of: a predetermined number; and, a random number.

Optionally, the entire signature is encoded within a plurality of codeddata portions and wherein the method includes the sensing device sensinga number of coded data portions to thereby determine the entiresignature.

Optionally, the coded data includes a plurality of layouts, each layoutdefining the position of a plurality of first symbols encoding theidentity, and a plurality of second symbols defining at least part ofthe signature.

Optionally, the coded data is substantially invisible to an unaidedhuman.

Optionally, the coded data is printed on the surface using at least oneof: an invisible ink; and, an infrared-absorptive ink.

Optionally, the coded data is provided substantially coincident withvisible human-readable information.

Optionally at least one coded data portion encodes the entire signature.

Optionally the entire signature is formed from a plurality of signatureparts, and wherein each coded data portion encodes a respectivesignature part.

Optionally, at least some of the coded data portions encode at least oneof: a location of the respective coded data portion; a position of therespective coded data portion on the surface; a size of the coded dataportions; a size of a signature; an identity of a signature part; and,units of indicated locations.

Optionally, the coded data includes at least one of: redundant data;data allowing error correction; Reed-Solomon data; and, CyclicRedundancy Check (CRC) data.

Optionally, the digital signature includes at least one of: a randomnumber associated with the identity; a keyed hash of at least theidentity; a keyed hash of at least the identity produced using a privatekey, and verifiable using a corresponding public key; cipher-textproduced by encrypting at least the identity; cipher-text produced byencrypting at least the identity and a random number; and, cipher-textproduced using a private key, and verifiable using a correspondingpublic key; and, cipher-text produced using RSA encryption.

Optionally, the security document is at least one of: a currency note; acheck; a credit or debit card; a redeemable ticket, voucher, or coupon;a lottery ticket or instant win ticket; and, an identity card ordocument, such as a driver's license or passport.

Optionally, the identity is indicative of at least one of: a currencynote attribute including at least one of: currency; issue country;denomination; note side; printing works; and serial number; a checkattribute including at least one of: currency; issuing institution;account number; serial number; expiry date; check value; and limit; acard attribute including at least one of: card type; issuinginstitution; account number; issue date; expiry date; and limit.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout including n identical sub-layouts rotated 1/n revolutions apartabout a centre of rotation, at least one sub-layout includingrotation-indicating data that distinguishes that sub-layout from eachother sub-layout.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout encoding orientation-indicating data comprising a sequence of aninteger multiple m of n symbols, where m is one or more, each encodedsymbol being distributed at n locations about a centre of rotationalsymmetry of the layout such that decoding the symbols at each of the norientations of the layout produces n representations of theorientation-indicating data, each representation comprising a differentcyclic shift of the orientation-indicating data and being indicative ofthe degree of rotation of the layout.

Optionally, the method is further used for tracking a security document,the method including, in a computer system: receiving indicating datafrom a sensing device, the sensing device being responsive to sensing ofthe coded data to generate indicating data indicative of the identity ofthe product item; and, updating, using the received indicating data,tracking data stored in a data store, tracking data being indicative of:the identity of the product item; and, tracking information.

Optionally, the sensing device includes: a housing adapted to be held bya user in use; a radiation source for exposing at least one coded dataportion; a sensor for sensing the at least one exposed coded dataportion; and, a processor for determining, using the at least one sensedcoded data portion, a sensed identity.

Optionally, the method is further used for determining a counterfeitsecurity document, each coded data portion being further indicative ofat least part of a signature, the signature being a digital signature ofat least part of the identity, wherein the method further includes: in asensing device: generating, using the sensed coded data portion,indicating data indicative of: the identity; and, at least one signaturepart; and, in a processor: determining, from the indicating data: adetermined identity; and, at least one determined signature part; and,determining if the security document is a counterfeit document using thedetermined identity and the at least one determined signature part.

Optionally, the method is further used for determining a possibleduplicated security document, wherein the method includes, in a computersystem: receiving indicating data from a sensing device, the sensingdevice being responsive to sensing of the coded data to generateindicating data indicative of the identity of the security document;determining, from the indicating data, a determined identity; accessing,using the determined identity, tracking data indicative of: the identityof the security document; and, tracking information indicative of thelocation of the security document; and, determining, using the trackinginformation, if the security document is a possible duplicate.

Optionally, the method is used in a currency counter for countingcurrency documents, each currency document having disposed thereon ortherein coded data including a number of coded data portions, each codeddata portion being indicative of an identity of the currency document,the counter including: an input for receiving a number of currencydocuments to be counted; an output for providing counted currencydocuments; a feed mechanism for transporting currency documents from theinput to the output along a feed path; a sensor for sensing at least onecoded data portion for each currency document transported along the feedpath; and, a processor for: determining, from the at least one sensedcoded data portion, a sensed identity for each currency document;determining, from the sensed identity, a determined value for eachcurrency document; and, counting the currency documents using thedetermined values.

Optionally, the security document having a security feature, wherein themethod of providing the security document includes: creating thesecurity document; determining an identity associated with the securitydocument; generating a signature using the identity, the signature beinga digital signature of at least part of the identity; generating codeddata, the coded data including a number of coded data portions, eachcoded data portion being indicative of: the identity of the securitydocument; and, at least part of the signature; and, printing the codeddata on the security document.

Optionally, the security document being printed with a security feature,wherein the method of printing the security document includes: receivingthe security document; receiving identity data, the identity data beingat least partially indicative of an identity of the security document,the identity data being encrypted using a public key; determining theidentity by decrypting the received identity data using a secret keyassociated with the public key; generating a signature using thedetermined identity, the signature being a digital signature of at leastpart of the identity; generating coded data at least partiallyindicative of: the identity of the security document; and, at least partof the signature; and, printing the coded data on the security document.

Optionally, the method is used in a system for recording a transactionrelating to a security document, the system including a computer systemfor: receiving indicating data from a sensing device, the sensing devicebeing responsive to sensing of the coded data to generate indicatingdata at least partially indicative of: the identity of the securitydocument; and, the transaction; and, updating, using the receivedindicating data, transaction data stored in a data store, thetransaction data being indicative of: the identity of the securitydocument; and, the transaction.

Optionally, the method is further used for monitoring transactionsinvolving security documents, the method including, in a computer systemand following a transaction involving a security document: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of coded data to generate indicating data at leastpartially indicative of: the identity of the security document; and, thetransaction; updating, using the received indicating data, transactiondata stored in a data store, the transaction data being indicative of,for each of a number of security documents, performed transactions;comparing the transaction data to one or more predetermined patterns tothereby determine the presence or absence of a cash flow anomaly.

Optionally, the method includes using a security document database, thedatabase storing security document data including, for each of a numberof security documents: identity data, the identity data being at leastpartially indicative of an identity of the security document; attributedata, the attribute data being at least partially indicative of one ormore attributes of the security document; wherein, in use, the securitydocument database allows a computer system to: receive, from a sensingdevice, indicating data at least partially indicative of at least oneof: the identity; and one or more attributes; use the receivedindicating data and the security document data to perform an actionassociated with the security document.

Optionally, the method is further used for causing a computer system tomonitor transactions involving security documents, the method beingperformed using a set of instructions, each security document havingdisposed thereon or therein coded data including a number of coded dataportions, each coded data portion being indicative of at least anidentity of the security document, the set of instructions, whenexecuted by the computer system, causing the computer system to: receiveindicating data from a sensing device, the sensing device beingresponsive to sensing of coded data to generate indicating data at leastpartially indicative of: the identity of the security document; and, thetransaction; updating, using the received indicating data, transactiondata stored in a data store, the transaction data being indicative of:the identity of the security document; and, the transaction.

Optionally, the method is further used for counting currency documents,the method being performed using a set of instructions, each currencydocument having disposed therein or thereon at least one coded dataportion being indicative of at least an identity of the currencydocument, the currency counter having: an input for receiving a numberof currency documents to be counted; an output for providing countedcurrency documents; a feed mechanism for transporting currency documentsfrom the input to the output along a feed path; a sensor for sensing atleast one coded data portion for each currency document transportedalong the feed path; and, a processor, the set of instructions, whenexecuted by the processor, causing the processor to: determine, from theat least one sensed coded data portion, a sensed identity for eachcurrency document; determine, from the sensed identity, a determinedvalue for each currency document; and, count the currency documentsusing the determined values.

Optionally, the method is used in a processor for use in a device forauthenticating security documents, the coded data further being at leastpartially indicative of a signature, the signature being a digitalsignature of at least part of the identity, the processor being adaptedto: receive indicating data from a sensor in the device, the sensorbeing responsive to sensing of the coded data to generate indicatingdata at least partially indicative of: the identity; and, at least partof the signature; determine, from the indicating data, a determinedidentity and at least one determined signature part; and, authenticatethe security document using the determined identity and the at least onedetermined signature part.

Optionally, the method is further used for counting currency documents,each currency document having disposed thereon or therein coded dataincluding a plurality of coded data portions, each coded data portionbeing at least partially indicative of an identity of the currencydocument, the method including, in a sensing device: sensing at leastone coded data portion for each currency document; generating, using thesensed coded data portion, indicating data at least partially indicativeof the identity of each currency document; and, transferring theindicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, using the indicatingdata, a determined identity for each currency document; determine, usingeach determined identity, a value for each currency document; and, countthe currency documents using the determined values.

Optionally, the security document includes anti-copy protection, theidentity being uniquely indicative of the respective security documentand being stored in a data store to allow for duplication of thesecurity document to be determined.

Optionally, the security document includes anti-forgery protection, eachcoded data portion being further indicative of at least part of asignature, the signature being formed by encrypting at least part of theidentity using a private key of public/private key pair, such that:valid security documents can only be created using the private key; and,validity of the security document can be confirmed using thecorresponding public key.

Optionally, the method is further used for recovering a stolen securitydocument, the method including in a computer system: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of the coded data to generate indicating data atleast partially indicative of the identity; determining, using theindicating data, a determined identity; accessing, using the determinedidentity, transaction data stored in a data store, the transaction databeing indicative of a security document status; determining, using thesecurity document status, if the security document is stolen; and, inresponse to a positive determination, causing the security document tobe recovered.

In another broad form the invention provides a method for authenticatingand evaluating a currency document, the currency document havingdisposed thereon or therein coded data including a plurality of codeddata portions, the method including, in a computer system: receivingindicating data from a sensing device, the sensing device being adaptedto: sense at least one coded data portion; generate, using the sensedcoded data portion, indicating data at least partially indicative of: anidentity of the currency document; and at least part of a signature, thesignature being a digital signature of at least part of the identity;determining, from the indicating data, a received identity, and areceived signature part; authenticating the currency document using thereceived identity and the received signature part; and, in response to asuccessful authentication, determining, using the received identity, avalue associated with the currency document.

In a sixteenth broad form the invention provides a security documentincluding anti-copy protection, the security document having disposedthereon or therein coded data including a number of coded data portions,each coded data portion being indicative of an identity, the identitybeing uniquely indicative of the respective security document and beingstored in a data store to allow for duplication of the security documentto be determined.

Optionally, each coded data portion is further indicative of an identitycorresponding to each part of a signature, the signature being a digitalsignature of at least part of the identity.

Optionally, the coded data can be sensed using a sensing device, thesensing device being responsive to sensing of the coded data to:generate indicating data at least partially indicative of: a sensedidentity; and a sensed at least part of the signature; and, transfer theindicating data to a computer system to determine whether a duplicationof the sensed security document has occurred.

Optionally, the signature is encoded using at least one of: a privatekey from a public/private key pair, and where the sensing device decodesthe signature using the corresponding public key; a secret key, andwhere the sensing device decodes the signature using the same secretkey; and, a public key from a public/private key pair, and where thesensing device decodes the signature using the corresponding privatekey.

Optionally, the sensed identity is compared to at least one of: locationdata indicative of where a security document having an identicalidentity has been sensed; and, time data indicative of when a securitydocument having an identical identity has been sensed; in order todetermine whether duplication of a security document has occurred.

Optionally, each coded data portion is further indicative of a positionof the coded data on or in the security document.

Optionally, each coded data portion is further indicative of at leastpart of a signature, the signature being a digital signature of at leastpart of the identity, and wherein the sensing device determines, fromthe indicating data, a determined identity and at least one determinedsignature part, and where the computer system determines whether aduplication of the security document has occurred using the determinedidentity and the at least one determined signature part.

Optionally, the signature is a digital signature of at least part of theidentity and at least part of predetermined padding, the padding beingat least one of: a predetermined number; and, a random number.

Optionally, the entire signature is encoded within a plurality of codeddata portions and wherein the sensing device is configured to sense anumber of coded data portions to thereby determine the entire signature.

Optionally, the coded data includes a plurality of layouts, each layoutdefining the position of a plurality of first symbols encoding theidentity, and a plurality of second symbols defining at least part ofthe signature.

Optionally, the coded data is substantially invisible to an unaidedhuman.

Optionally, the coded data is printed on the surface using at least oneof: an invisible ink; and, an infrared-absorptive ink.

Optionally, the coded data is provided substantially coincident withvisible human-readable information.

Optionally at least one coded data portion encodes the entire signature.

Optionally the entire signature is formed from a plurality of signatureparts, and wherein each coded data portion encodes a respectivesignature part.

Optionally, at least some of the coded data portions encode at least oneof: a location of the respective coded data portion; a position of therespective coded data portion on the surface; a size of the coded dataportions; a size of a signature; an identity of a signature part; and,units of indicated locations.

Optionally, the coded data includes at least one of: redundant data;data allowing error correction; Reed-Solomon data; and, CyclicRedundancy Check (CRC) data.

Optionally, the digital signature includes at least one of: a randomnumber associated with the identity; a keyed hash of at least theidentity; a keyed hash of at least the identity produced using a privatekey, and verifiable using a corresponding public key; cipher-textproduced by encrypting at least the identity; cipher-text produced byencrypting at least the identity and a random number; and, cipher-textproduced using a private key, and verifiable using a correspondingpublic key; and, cipher-text produced using RSA encryption.

Optionally, the security document is at least one of: a currency note; acheck; a credit or debit card; a redeemable ticket, voucher, or coupon;a lottery ticket or instant win ticket; and, an identity card ordocument, such as a driver's license or passport.

Optionally, the identity is indicative of at least one of: a currencynote attribute including at least one of: currency; issue country;denomination; note side; printing works; and serial number; a checkattribute including at least one of: currency; issuing institution;account number; serial number; expiry date; check value; and limit; acard attribute including at least one of: card type; issuinginstitution; account number; issue date; expiry date; and limit.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout including n identical sub-layouts rotated 1/n revolutions apartabout a centre of rotation, at least one sub-layout includingrotation-indicating data that distinguishes that sub-layout from eachother sub-layout.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout encoding orientation-indicating data comprising a sequence of aninteger multiple m of n symbols, where m is one or more, each encodedsymbol being distributed at n locations about a centre of rotationalsymmetry of the layout such that decoding the symbols at each of the norientations of the layout produces n representations of theorientation-indicating data, each representation comprising a differentcyclic shift of the orientation-indicating data and being indicative ofthe degree of rotation of the layout.

Optionally, the security document is used in a method of tracking asecurity document, the method including, in a computer system: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of the coded data to generate indicating dataindicative of the identity of the product item; and, updating, using thereceived indicating data, tracking data stored in a data store, trackingdata being indicative of: the identity of the product item; and,tracking information.

Optionally, a sensing device is used for sensing the coded data disposedon or in the security document, the sensing device including: a housingadapted to be held by a user in use; a radiation source for exposing atleast one coded data portion; a sensor for sensing the at least oneexposed coded data portion; and, a processor for determining, using theat least one sensed coded data portion, a sensed identity.

Optionally, the security document is used in a method of determining acounterfeit security document, each coded data portion being furtherindicative of at least part of a signature, the signature being adigital signature of at least part of the identity, wherein the methodincludes: in a sensing device: sensing at least one coded data portion;and, generating, using the sensed coded data portion, indicating dataindicative of: the identity; and, at least one signature part; in aprocessor: determining, from the indicating data: a determined identity;and, at least one determined signature part; determining if the securitydocument is a counterfeit document using the determined identity and theat least one determined signature part.

Optionally, the security document is used in a method of determining apossible duplicated security document, wherein the method includes, in acomputer system: receiving indicating data from a sensing device, thesensing device being responsive to sensing of the coded data to generateindicating data indicative of the identity of the security document;determining, from the indicating data, a determined identity; accessing,using the determined identity, tracking data indicative of: the identityof the security document; and, tracking information indicative of thelocation of the security document; and, determining, using the trackinginformation, if the security document is a possible duplicate.

Optionally, the security document is a currency document, and where aplurality of currency documents are counted using a currency counter,the counter including: an input for receiving a number of currencydocuments to be counted; an output for providing counted currencydocuments; a feed mechanism for transporting currency documents from theinput to the output along a feed path; a sensor for sensing at least onecoded data portion for each currency document transported along the feedpath; and, a processor for: determining, from the at least one sensedcoded data portion, a sensed identity for each currency document;determining, from the sensed identity, a determined value for eachcurrency document; and, counting the currency documents using thedetermined values.

Optionally, the security document is used in a method of providing asecurity document having a security feature, the method including:creating the security document; determining an identity associated withthe security document; generating a signature using the identity, thesignature being a digital signature of at least part of the identity;generating coded data, the coded data including a number of coded dataportions, each coded data portion being indicative of: the identity ofthe security document; and, at least part of the signature; and,printing the coded data on the security document.

Optionally, the security document is used in a method of printing asecurity document having a security feature, the method including:receiving the security document; receiving identity data, the identitydata being at least partially indicative of an identity of the securitydocument, the identity data being encrypted using a public key;determining the identity by decrypting the received identity data usinga secret key associated with the public key; generating a signatureusing the determined identity, the signature being a digital signatureof at least part of the identity; generating coded data at leastpartially indicative of: the identity of the security document; and, atleast part of the signature; and, printing the coded data on thesecurity document.

Optionally, the security document is used in a system for recording atransaction relating to a security document, the system including acomputer system for: receiving indicating data from a sensing device,the sensing device being responsive to sensing of the coded data togenerate indicating data at least partially indicative of: the identityof the security document; and, the transaction; and, updating, using thereceived indicating data, transaction data stored in a data store, thetransaction data being indicative of: the identity of the securitydocument; and, the transaction.

Optionally, the security document is used in a method for monitoringtransactions involving security documents, the method including, in acomputer system and following a transaction involving a securitydocument: receiving indicating data from a sensing device, the sensingdevice being responsive to sensing of coded data to generate indicatingdata at least partially indicative of: the identity of the securitydocument; and, the transaction; updating, using the received indicatingdata, transaction data stored in a data store, the transaction databeing indicative of, for each of a number of security documents,performed transactions; comparing the transaction data to one or morepredetermined patterns to thereby determine the presence or absence of acash flow anomaly.

Optionally, the security document data relating to the security documentis stored in a security document database, the security document dataincluding, for each of a number of security documents: identity data,the identity data being at least partially indicative of an identity ofthe security document; attribute data, the attribute data being at leastpartially indicative of one or more attributes of the security document;wherein, in use, the security document database allows a computer systemto: receive, from a sensing device, indicating data at least partiallyindicative of at least one of: the identity; and one or more attributes;use the received indicating data and the security document data toperform an action associated with the security document.

Optionally, the security document is used in a transaction and a set ofinstructions is used for causing a computer system to monitor thetransaction, the set of instructions, when executed by the computersystem, causing the computer system to: receive indicating data from asensing device, the sensing device being responsive to sensing of codeddata to generate indicating data at least partially indicative of: theidentity of the security document; and, the transaction; updating, usingthe received indicating data, transaction data stored in a data store,the transaction data being indicative of: the identity of the securitydocument; and, the transaction.

Optionally, the security document is a currency document, and aplurality of currency documents are counted using a currency counterexecuting a set of instructions, the currency counter having: an inputfor receiving a number of currency documents to be counted; an outputfor providing counted currency documents; a feed mechanism fortransporting currency documents from the input to the output along afeed path; a sensor for sensing at least one coded data portion for eachcurrency document transported along the feed path; and, a processor, theset of instructions, when executed by the processor, causing theprocessor to: determine, from the at least one sensed coded dataportion, a sensed identity for each currency document; determine, fromthe sensed identity, a determined value for each currency document; and,count the currency documents using the determined values.

Optionally, the security document is authenticated using a processor foruse in a device, the coded data being further at least partiallyindicative of a signature, the signature being a digital signature of atleast part of the identity, the processor being adapted to: receiveindicating data from a sensor in the device, the sensor being responsiveto sensing of the coded data to generate indicating data at leastpartially indicative of: the identity; and, at least part of thesignature; determine, from the indicating data, a determined identityand at least one determined signature part; and, authenticate thesecurity document using the determined identity and the at least onedetermined signature part.

Optionally, the security document is a currency document and is used ina method of counting currency documents, the method including, in asensing device: sensing at least one coded data portion for eachcurrency document; generating, using the sensed coded data portion,indicating data at least partially indicative of the identity of eachcurrency document; and, transferring the indicating data to a computersystem, the computer system being responsive to the indicating data to:determine, using the indicating data, a determined identity for eachcurrency document; determine, using each determined identity, a valuefor each currency document; and, count the currency documents using thedetermined values.

Optionally, the security document is a currency document and is used ina method for authenticating and evaluating the currency document, themethod including, in a sensing device: sensing at least one coded dataportion; generating, using the sensed coded data portion, indicatingdata at least partially indicative of: an identity of the currencydocument; and at least part of a signature, the signature being adigital signature of at least part of the identity; and, transferringthe indicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, from the indicatingdata, a received identity, and a received signature part; authenticatethe currency document using the received identity and the receivedsignature part; and, in response to a successful authentication,determine, using the received identity, a value associated with thecurrency document.

Optionally, the security document further includes anti-forgeryprotection, each coded data portion being indicative of at least part ofa signature, the signature being formed by encrypting at least part ofthe identity using a private key of public/private key pair, such that:valid security documents can only be created using the private key; and,validity of the security document can be confirmed using thecorresponding public key.

Optionally, the security document is used in a method of recovering astolen security document, the method including in a computer system:receiving indicating data from a sensing device, the sensing devicebeing responsive to sensing of the coded data to generate indicatingdata at least partially indicative of the identity; determining, usingthe indicating data, a determined identity; accessing, using thedetermined identity, transaction data stored in a data store, thetransaction data being indicative of a security document status;determining, using the security document status, if the securitydocument is stolen; and, in response to a positive determination,causing the security document to be recovered.

In a seventeenth broad form the invention provides a security documentincluding anti-forgery protection, the security document having disposedthereon or therein coded data including a plurality of coded dataportions, each coded data portion being indicative of: an identity ofthe security document; and at least part of a signature, the signaturebeing formed by encrypting at least part of the identity using a privatekey of public/private key pair, such that: valid security documents canonly be created using the private key; and, validity of the securitydocument can be confirmed using the corresponding public key.

Optionally, the private key is associated with at least one of: asecurity document type; a value; a creator of the security document; alocation that the security document was issued; and, a time when thedocument was created.

Optionally, the coded data on the security document is printed using aprinter, wherein the printer includes the private key in order to encodethe coded data.

Optionally, at least some of the coded data can be sensed using asensing device, the sensing device being responsive to the sensing to:determine, using the sensed coded data, the signature; and, attempt todecode, using one of a number of public keys, the signature.

Optionally, the sensing device generates, using the sensed coded dataportion, indicating data at least partially indicative of: the identityof the security document; and, the at least part of a signature.

Optionally, if the sensing device determines that none of the pluralityof public keys decode the signature, the sensing device performs atleast one of: a retrieval at least one additional public key on demandfrom a computer system; and, a determination that the security documentis invalid.

Optionally, in order to confirm the validity of the security document,the sensing device performs at least one of: a comparison of theindicating data and stored data located in the sensing device's store;and a transfer of the indicating data to a computer system, wherein thecomputer system compares the indicating data to stored data located inthe computer system.

Optionally, the signature is a digital signature of at least part of theidentity and at least part of predetermined padding, the padding beingat least one of: a predetermined number; and, a random number.

Optionally; the entire signature is encoded within a plurality of codeddata portions and wherein the sensing device configured to sense anumber of coded data portions to thereby determine the entire signature.

Optionally, the coded data includes a plurality of layouts, each layoutdefining the position of a plurality of first symbols encoding theidentity, and a plurality of second symbols defining at least part ofthe signature.

Optionally, the coded data is substantially invisible to an unaidedhuman.

Optionally, the coded data is printed on the surface using at least oneof: an invisible ink; and, an infrared-absorptive ink.

Optionally, the coded data is provided substantially coincident withvisible human-readable information.

Optionally at least one coded data portion encodes the entire signature.

Optionally the entire signature is formed from a plurality of signatureparts, and wherein each coded data portion encodes a respectivesignature part.

Optionally, at least some of the coded data portions encode at least oneof: a location of the respective coded data portion; a position of therespective coded data portion on the surface; a size of the coded dataportions; a size of a signature; an identity of a signature part; and,units of indicated locations.

Optionally, the coded data includes at least one of: redundant data;data allowing error correction; Reed-Solomon data; and, CyclicRedundancy Check (CRC) data.

Optionally, the digital signature includes at least one of: a randomnumber associated with the identity; a keyed hash of at least theidentity; a keyed hash of at least the identity produced using a privatekey, and verifiable using a corresponding public key; cipher-textproduced by encrypting at least the identity; cipher-text produced byencrypting at least the identity and a random number; and, cipher-textproduced using a private key, and verifiable using a correspondingpublic key; and, cipher-text produced using RSA encryption.

Optionally, the security document is at least one of: a currency note; acheck; a credit or debit card; a redeemable ticket, voucher, or coupon;a lottery ticket or instant win ticket; and, an identity card ordocument, such as a driver's license or passport.

Optionally, the identity is indicative of at least one of: a currencynote attribute including at least one of: currency; issue country;denomination; note side; printing works; and serial number; a checkattribute including at least one of: currency; issuing institution;account number; serial number; expiry date; check value; and limit; acard attribute including at least one of: card type; issuinginstitution; account number; issue date; expiry date; and limit.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout including n identical sub-layouts rotated 1/n revolutions apartabout a centre of rotation, at least one sub-layout includingrotation-indicating data that distinguishes that sub-layout from eachother sub-layout.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout encoding orientation-indicating data comprising a sequence of aninteger multiple m of n symbols, where m is one or more, each encodedsymbol being distributed at n locations about a centre of rotationalsymmetry of the layout such that decoding the symbols at each of the norientations of the layout produces n representations of theorientation-indicating data, each representation comprising a differentcyclic shift of the orientation-indicating data and being indicative ofthe degree of rotation of the layout.

Optionally, the security document is used in a method of tracking asecurity document, the method including, in a computer system: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of the coded data to generate indicating dataindicative of the identity of the product item; and, updating, using thereceived indicating data, tracking data stored in a data store, trackingdata being indicative of: the identity of the product item; and,tracking information.

Optionally, a sensing device is used for sensing the coded data disposedon or in the security document, the sensing device including: a housingadapted to be held by a user in use; a radiation source for exposing atleast one coded data portion; a sensor for sensing the at least oneexposed coded data portion; and, a processor for determining, using theat least one sensed coded data portion, a sensed identity.

Optionally, the security document is used in a method of determining acounterfeit security document, each coded data portion being furtherindicative of at least part of a signature, the signature being adigital signature of at least part of the identity, wherein the methodincludes: in a sensing device: sensing at least one coded data portion;and, generating, using the sensed coded data portion, indicating dataindicative of: the identity; and, at least one signature part; in aprocessor: determining, from the indicating data: a determined identity;and, at least one determined signature part; determining if the securitydocument is a counterfeit document using the determined identity and theat least one determined signature part.

Optionally, the security document is used in a method of determining apossible duplicated security document, wherein the method includes, in acomputer system: receiving indicating data from a sensing device, thesensing device being responsive to sensing of the coded data to generateindicating data indicative of the identity of the security document;determining, from the indicating data, a determined identity; accessing,using the determined identity, tracking data indicative of: the identityof the security document; and, tracking information indicative of thelocation of the security document; and, determining, using the trackinginformation, if the security document is a possible duplicate.

Optionally, the security document is a currency document, and where aplurality of currency documents are counted using a currency counter,the counter including: an input for receiving a number of currencydocuments to be counted; an output for providing counted currencydocuments; a feed mechanism for transporting currency documents from theinput to the output along a feed path; a sensor for sensing at least onecoded data portion for each currency document transported along the feedpath; and, a processor for: determining, from the at least one sensedcoded data portion, a sensed identity for each currency document;determining, from the sensed identity, a determined value for eachcurrency document; and, counting the currency documents using thedetermined values.

Optionally, the security document is used in a method of providing asecurity document having a security feature, the method including:creating the security document; determining an identity associated withthe security document; generating a signature using the identity, thesignature being a digital signature of at least part of the identity;generating coded data, the coded data including a number of coded dataportions, each coded data portion being indicative of: the identity ofthe security document; and, at least part of the signature; and,printing the coded data on the security document.

Optionally, the security document is used in a method of printing asecurity document having a security feature, the method including:receiving the security document; receiving identity data, the identitydata being at least partially indicative of an identity of the securitydocument, the identity data being encrypted using a public key;determining the identity by decrypting the received identity data usinga secret key associated with the public key; generating a signatureusing the determined identity, the signature being a digital signatureof at least part of the identity; generating coded data at leastpartially indicative of: the identity of the security document; and, atleast part of the signature; and, printing the coded data on thesecurity document.

Optionally, the security document is used in a system for recording atransaction relating to a security document, the system including acomputer system for: receiving indicating data from a sensing device,the sensing device being responsive to sensing of the coded data togenerate indicating data at least partially indicative of: the identityof the security document; and, the transaction; and, updating, using thereceived indicating data, transaction data stored in a data store, thetransaction data being indicative of: the identity of the securitydocument; and, the transaction.

Optionally, the security document is used in a method for monitoringtransactions involving security documents, the method including, in acomputer system and following a transaction involving a securitydocument: receiving indicating data from a sensing device, the sensingdevice being responsive to sensing of coded data to generate indicatingdata at least partially indicative of: the identity of the securitydocument; and, the transaction; updating, using the received indicatingdata, transaction data stored in a data store, the transaction databeing indicative of, for each of a number of security documents,performed transactions; comparing the transaction data to one or morepredetermined patterns to thereby determine the presence or absence of acash flow anomaly.

Optionally, the security document data relating to the security documentis stored in a security document database, the security document dataincluding, for each of a number of security documents: identity data,the identity data being at least partially indicative of an identity ofthe security document; attribute data, the attribute data being at leastpartially indicative of one or more attributes of the security document;wherein, in use, the security document database allows a computer systemto: receive, from a sensing device, indicating data at least partiallyindicative of at least one of: the identity; and one or more attributes;use the received indicating data and the security document data toperform an action associated with the security document.

Optionally, the security document is used in a transaction and a set ofinstructions is used for causing a computer system to monitor thetransaction, the set of instructions, when executed by the computersystem, causing the computer system to: receive indicating data from asensing device, the sensing device being responsive to sensing of codeddata to generate indicating data at least partially indicative of: theidentity of the security document; and, the transaction; updating, usingthe received indicating data, transaction data stored in a data store,the transaction data being indicative of: the identity of the securitydocument; and, the transaction.

Optionally, the security document is a currency document, and aplurality of currency documents are counted using a currency counterexecuting a set of instructions, the currency counter having: an inputfor receiving a number of currency documents to be counted; an outputfor providing counted currency documents; a feed mechanism fortransporting currency documents from the input to the output along afeed path; a sensor for sensing at least one coded data portion for eachcurrency document transported along the feed path; and, a processor, theset of instructions, when executed by the processor, causing theprocessor to: determine, from the at least one sensed coded dataportion, a sensed identity for each currency document; determine, fromthe sensed identity, a determined value for each currency document; and,count the currency documents using the determined values.

Optionally, the security document is authenticated using a processor foruse in a device, the coded data being further at least partiallyindicative of a signature, the signature being a digital signature of atleast part of the identity, the processor being adapted to: receiveindicating data from a sensor in the device, the sensor being responsiveto sensing of the coded data to generate indicating data at leastpartially indicative of: the identity; and, at least part of thesignature; determine, from the indicating data, a determined identityand at least one determined signature part; and, authenticate thesecurity document using the determined identity and the at least onedetermined signature part.

Optionally, the security document is a currency document and is used ina method of counting currency documents, the method including, in asensing device: sensing at least one coded data portion for eachcurrency document; generating, using the sensed coded data portion,indicating data at least partially indicative of the identity of eachcurrency document; and, transferring the indicating data to a computersystem, the computer system being responsive to the indicating data to:determine, using the indicating data, a determined identity for eachcurrency document; determine, using each determined identity, a valuefor each currency document; and, count the currency documents using thedetermined values.

Optionally, the security document is a currency document and is used ina method for authenticating and evaluating the currency document, themethod including, in a sensing device: sensing at least one coded dataportion; generating, using the sensed coded data portion, indicatingdata at least partially indicative of: an identity of the currencydocument; and at least part of a signature, the signature being adigital signature of at least part of the identity; and, transferringthe indicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, from the indicatingdata, a received identity, and a received signature part; authenticatethe currency document using the received identity and the receivedsignature part; and, in response to a successful authentication,determine, using the received identity, a value associated with thecurrency document.

Optionally, the security document further includes anti-copy protection,the identity being uniquely indicative of the respective securitydocument and being stored in a data store to allow for duplication ofthe security document to be determined.

Optionally, the security document is used in a method of recovering astolen security document, the method including in a computer system:receiving indicating data from a sensing device, the sensing devicebeing responsive to sensing of the coded data to generate indicatingdata at least partially indicative of the identity; determining, usingthe indicating data, a determined identity; accessing, using thedetermined identity, transaction data stored in a data store, thetransaction data being indicative of a security document status;determining, using the security document status, if the securitydocument is stolen; and, in response to a positive determination,causing the security document to be recovered.

In a eighteenth broad form the invention provides a method of recoveringa stolen security document, the security document having disposedthereon or therein coded data including a number of coded data portions,each coded data portion being indicative of at least an identity of thesecurity document, the method including in a computer system: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of the coded data to generate indicating data atleast partially indicative of the identity; determining, using theindicating data, a determined identity; accessing, using the determinedidentity, transaction data stored in a data store, the transaction databeing indicative of a security document status; determining, using thesecurity document status, if the security document is stolen; and, inresponse to a positive determination, causing the security document tobe recovered.

Optionally, the method includes, in the computer system, recording inthe data store, the security document status as being stolen, inresponse to when the security document is stolen.

Optionally, the method includes, in the computer system, updating in thedata store, the security document status as being recovered in responseto a successful recovery of the security document.

Optionally, the computer system includes a display device, wherein themethod includes displaying, using the display device, recovery data foruse in recovering the stolen security document.

Optionally, each coded data portion further encodes a signature, whereinthe signature is a digital signature of at least part of the identity,the method including: receiving indicating data at least partiallyindicative of: an identity of the currency document; and at least partof the signature; and, determining, using the indicating data, thedetermined identity.

Optionally, the indicating data is further indicative of a location ofthe sensing device and where the method includes causing the securitydocument to be recovered in relation to the determined location.

Optionally, the signature is a digital signature of at least part of theidentity and at least part of predetermined padding, the padding beingat least one of: a predetermined number; and, a random number.

Optionally, the entire signature is encoded within a plurality of codeddata portions and wherein the method includes the sensing device sensinga number of coded data portions to thereby determine the entiresignature.

Optionally, the coded data includes a plurality of layouts, each layoutdefining the position of a plurality of first symbols encoding theidentity, and a plurality of second symbols defining at least part ofthe signature.

Optionally, the coded data is substantially invisible to an unaidedhuman.

Optionally, the coded data is printed on the surface using at least oneof: an invisible ink; and, an infrared-absorptive ink.

Optionally, the coded data is provided substantially coincident withvisible human-readable information.

Optionally at least one coded data portion encodes the entire signature.

Optionally the entire signature is formed from a plurality of signatureparts, and wherein each coded data portion encodes a respectivesignature part.

Optionally, at least some of the coded data portions encode at least oneof: a location of the respective coded data portion; a position of therespective coded data portion on the surface; a size of the coded dataportions; a size of a signature; an identity of a signature part; and,units of indicated locations.

Optionally, the coded data includes at least one of: redundant data;data allowing error correction; Reed-Solomon data; and, CyclicRedundancy Check (CRC) data.

Optionally, the digital signature includes at least one of: a randomnumber associated with the identity; a keyed hash of at least theidentity; a keyed hash of at least the identity produced using a privatekey, and verifiable using a corresponding public key; cipher-textproduced by encrypting at least the identity; cipher-text produced byencrypting at least the identity and a random number; and, cipher-textproduced using a private key, and verifiable using a correspondingpublic key; and, cipher-text produced using RSA encryption.

Optionally, the security document is at least one of: a currency note; acheck; a credit or debit card; a redeemable ticket, voucher, or coupon;a lottery ticket or instant win ticket; and, an identity card ordocument, such as a driver's license or passport.

Optionally, the identity is indicative of at least one of: a currencynote attribute including at least one of: currency; issue country;denomination; note side; printing works; and serial number; a checkattribute including at least one of: currency; issuing institution;account number; serial number; expiry date; check value; and limit; acard attribute including at least one of: card type; issuinginstitution; account number; issue date; expiry date; and limit.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout including n identical sub-layouts rotated 1/n revolutions apartabout a centre of rotation, at least one sub-layout includingrotation-indicating data that distinguishes that sub-layout from eachother sub-layout.

Optionally, the coded data is arranged in accordance with at least onelayout having n-fold rotational symmetry, where n is at least two, thelayout encoding orientation-indicating data comprising a sequence of aninteger multiple m of n symbols, where m is one or more, each encodedsymbol being distributed at n locations about a centre of rotationalsymmetry of the layout such that decoding the symbols at each of the norientations of the layout produces n representations of theorientation-indicating data, each representation comprising a differentcyclic shift of the orientation-indicating data and being indicative ofthe degree of rotation of the layout.

Optionally, the method is further used for tracking a security document,the method including, in a computer system: receiving indicating datafrom a sensing device, the sensing device being responsive to sensing ofthe coded data to generate indicating data indicative of the identity ofthe product item; and, updating, using the received indicating data,tracking data stored in a data store, tracking data being indicative of:the identity of the product item; and, tracking information.

Optionally, the sensing device includes: a housing adapted to be held bya user in use; a radiation source for exposing at least one coded dataportion; a sensor for sensing the at least one exposed coded dataportion; and, a processor for determining, using the at least one sensedcoded data portion, a sensed identity.

Optionally, the method is further used for determining a counterfeitsecurity document, each coded data portion being further indicative ofat least part of a signature, the signature being a digital signature ofat least part of the identity, wherein the method further includes: in asensing device: generating, using the sensed coded data portion,indicating data indicative of: the identity; and, at least one signaturepart; and, in a processor: determining, from the indicating data: adetermined identity; and, at least one determined signature part; and,determining if the security document is a counterfeit document using thedetermined identity and the at least one determined signature part.

Optionally, the method is further used for determining a possibleduplicated security document, wherein the method includes, in a computersystem: receiving indicating data from a sensing device, the sensingdevice being responsive to sensing of the coded data to generateindicating data indicative of the identity of the security document;determining, from the indicating data, a determined identity; accessing,using the determined identity, tracking data indicative of: the identityof the security document; and, tracking information indicative of thelocation of the security document; and, determining, using the trackinginformation, if the security document is a possible duplicate.

Optionally, the method is used in a currency counter for countingcurrency documents, each currency document having disposed thereon ortherein coded data including a number of coded data portions, each codeddata portion being indicative of an identity of the currency document,the counter including: an input for receiving a number of currencydocuments to be counted; an output for providing counted currencydocuments; a feed mechanism for transporting currency documents from theinput to the output along a feed path; a sensor for sensing at least onecoded data portion for each currency document transported along the feedpath; and, a processor for: determining, from the at least one sensedcoded data portion, a sensed identity for each currency document;determining, from the sensed identity, a determined value for eachcurrency document; and, counting the currency documents using thedetermined values.

Optionally, the security document having a security feature, wherein themethod of providing the security document includes: creating thesecurity document; determining an identity associated with the securitydocument; generating a signature using the identity, the signature beinga digital signature of at least part of the identity; generating codeddata, the coded data including a number of coded data portions, eachcoded data portion being indicative of: the identity of the securitydocument; and, at least part of the signature; and, printing the codeddata on the security document.

Optionally, the security document being printed with a security feature,wherein the method of printing the security document includes: receivingthe security document; receiving identity data, the identity data beingat least partially indicative of an identity of the security document,the identity data being encrypted using a public key; determining theidentity by decrypting the received identity data using a secret keyassociated with the public key; generating a signature using thedetermined identity, the signature being a digital signature of at leastpart of the identity; generating coded data at least partiallyindicative of: the identity of the security document; and, at least partof the signature; and, printing the coded data on the security document.

Optionally, the method is used in a system for recording a transactionrelating to a security document, the system including a computer systemfor: receiving indicating data from a sensing device, the sensing devicebeing responsive to sensing of the coded data to generate indicatingdata at least partially indicative of: the identity of the securitydocument; and, the transaction; and, updating, using the receivedindicating data, transaction data stored in a data store, thetransaction data being indicative of: the identity of the securitydocument; and, the transaction.

Optionally, the method is further used for monitoring transactionsinvolving security documents, the method including, in a computer systemand following a transaction involving a security document: receivingindicating data from a sensing device, the sensing device beingresponsive to sensing of coded data to generate indicating data at leastpartially indicative of: the identity of the security document; and, thetransaction; updating, using the received indicating data, transactiondata stored in a data store, the transaction data being indicative of,for each of a number of security documents, performed transactions;comparing the transaction data to one or more predetermined patterns tothereby determine the presence or absence of a cash flow anomaly.

Optionally, the method includes using a security document database, thedatabase storing security document data including, for each of a numberof security documents: identity data, the identity data being at leastpartially indicative of an identity of the security document; attributedata, the attribute data being at least partially indicative of one ormore attributes of the security document; wherein, in use, the securitydocument database allows a computer system to: receive, from a sensingdevice, indicating data at least partially indicative of at least oneof: the identity; and one or more attributes; use the receivedindicating data and the security document data to perform an actionassociated with the security document.

Optionally, the method is further used for causing a computer system tomonitor transactions involving security documents, the method beingperformed using a set of instructions, each security document havingdisposed thereon or therein coded data including a number of coded dataportions, each coded data portion being indicative of at least anidentity of the security document, the set of instructions, whenexecuted by the computer system, causing the computer system to: receiveindicating data from a sensing device, the sensing device beingresponsive to sensing of coded data to generate indicating data at leastpartially indicative of: the identity of the security document; and, thetransaction; updating, using the received indicating data, transactiondata stored in a data store, the transaction data being indicative of:the identity of the security document; and, the transaction.

Optionally, the method is further used for counting currency documents,the method being performed using a set of instructions, each currencydocument having disposed therein or thereon at least one coded dataportion being indicative of at least an identity of the currencydocument, the currency counter having: an input for receiving a numberof currency documents to be counted; an output for providing countedcurrency documents; a feed mechanism for transporting currency documentsfrom the input to the output along a feed path; a sensor for sensing atleast one coded data portion for each currency document transportedalong the feed path; and, a processor, the set of instructions, whenexecuted by the processor, causing the processor to: determine, from theat least one sensed coded data portion, a sensed identity for eachcurrency document; determine, from the sensed identity, a determinedvalue for each currency document; and, count the currency documentsusing the determined values.

Optionally, the method is used in a processor for use in a device forauthenticating security documents, the coded data further being at leastpartially indicative of a signature, the signature being a digitalsignature of at least part of the identity, the processor being adaptedto: receive indicating data from a sensor in the device, the sensorbeing responsive to sensing of the coded data to generate indicatingdata at least partially indicative of: the identity; and, at least partof the signature; determine, from the indicating data, a determinedidentity and at least one determined signature part; and, authenticatethe security document using the determined identity and the at least onedetermined signature part.

Optionally, the method is further used for counting currency documents,each currency document having disposed thereon or therein coded dataincluding a plurality of coded data portions, each coded data portionbeing at least partially indicative of an identity of the currencydocument, the method including, in a sensing device: sensing at leastone coded data portion for each currency document; generating, using thesensed coded data portion, indicating data at least partially indicativeof the identity of each currency document; and, transferring theindicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, using the indicatingdata, a determined identity for each currency document; determine, usingeach determined identity, a value for each currency document; and, countthe currency documents using the determined values.

Optionally, the method further being used for authenticating andevaluating a currency document, the currency document having disposedthereon or therein coded data including a plurality of coded dataportions, the method including, in a sensing device: sensing at leastone coded data portion; generating, using the sensed coded data portion,indicating data at least partially indicative of: an identity of thecurrency document; and at least part of a signature, the signature beinga digital signature of at least part of the identity; and, transferringthe indicating data to a computer system, the computer system beingresponsive to the indicating data to: determine, from the indicatingdata, a received identity, and a received signature part; authenticatethe currency document using the received identity and the receivedsignature part; and, in response to a successful authentication,determine, using the received identity, a value associated with thecurrency document.

Optionally, the security document includes anti-copy protection, theidentity being uniquely indicative of the respective security documentand being stored in a data store to allow for duplication of thesecurity document to be determined.

Optionally, the security document includes anti-forgery protection, eachcoded data portion being further indicative of at least part of asignature, the signature being formed by encrypting at least part of theidentity using a private key of public/private key pair, such that:valid security documents can only be created using the private key; and,validity of the security document can be confirmed using thecorresponding public key.

In another broad form the invention provides a method of recovering astolen security document, the security document having disposed thereonor therein coded data including a number of coded data portions, eachcoded data portion being indicative of at least an identity of thesecurity document, the method including in a sensing device: sensing atleast some of the coded data portions; generating indicating data atleast partially indicative of the identity; transferring the indicatingdata to a computer system, the computer system being responsive toindicating data to: determine, using the indicating data, a determinedidentity; access, using the determined identity, transaction data storedin a data store, the transaction data being indicative of a securitydocument status; determine, using the security document status, if thesecurity document is stolen; and, in response to a positivedetermination, cause the security document to be recovered.

In a nineteenth broad form the present invention provides a method ofverifying an object, wherein the method includes, in a computer system:receiving a verification request, the request being at least partiallyindicative of: an identity of the object; at least one signaturefragment, the signature being a digital signature of at least part ofthe identity; determining, using the verification request, a determinedidentity; determining, using the determined identity, and from adatabase, at least one criterion relating to verification; and,comparing the received verification request to the at least onecriterion; and causing the object to be verified if the at least onecriterion is satisfied.

Optionally the at least one criterion relates to a limit on at least oneof: a number of received verification requests; a rate of receivedverification requests; and, timing of received verification requests.

Optionally the limit is defined in respect of at least one of: theidentity of the object; the signature; the signature fragment; averification request source; and, the object.

Optionally the limit is proportional to a size of the signaturefragment.

Optionally the method includes, in the computer system: determining,using the verification request: a request history indicative of a numberof previously received verification requests; and, a correspondinglimit; determining, using the verification request and the requesthistory, a request number; and, causing the object to be verified if therequest number does not exceed the corresponding limit.

Optionally the method includes, in the computer system, and in responseto a verification request, updating the request history.

Optionally the request history is indicative of the timing of thereceived verification request.

Optionally the request history is associated with: the identity of theobject; the signature; the signature fragment; a verification requestsource; and, the object.

Optionally the method includes, in the computer system, verifying theobject by authenticating the object using the identity of the object andthe at least one signature fragment.

Optionally the verification request is at least partially indicative ofan identity of the signature fragment.

Optionally the object is associated with a surface having disposedthereon or therein coded data including a number of coded data portions,each coded data portion being indicative of at least the identity and asignature fragment, and wherein, in response to sensing of at least onecoded data portion, a sensing device generates the verification request.

Optionally the verification request is at least partially indicative ofan identity of the signature fragment, the fragment identity being basedon at least one of: a number encoded within the at least one sensedcoded data portion; and, a position of the at least one sensed codeddata portion on the surface.

Optionally the method includes, in the computer system, only comparingthe received verification request to the at least one criterion after afailed verification.

Optionally the method includes, in a computer system: receiving averification request, the request being at least partially indicativeof: an identity of the object; a concatenation of: a signature fragment,the signature fragment being a digital signature of at least part of theidentity; and a random signature; determining, using the verificationrequest, a determined identity; determining, using the concatenation,the signature fragment; and, verifying the object using the determinedidentity and the signature fragment.

Optionally the method includes, in the computer system: determining,using the determined identity, a key; generating, using the determinedidentity and the key, a generated signature; comparing the generatedsignature to the concatenation to thereby identify and authenticate thesignature fragment.

In another broad form the present invention provides coded data fordisposal on or in a surface, the coded data including a number of codeddata portions, each coded data portion encoding: an identity; and, afragment of a signature, the signature being a digital signature of atleast part of the identity; and a random signature.

In another broad form the present invention provides coded data fordisposal on or in a surface, the coded data including a number of codeddata portions, each coded data portion being at least partiallyindicative of: an identity; at least fragment of a signature, thesignature being a digital signature of at least part of the identity;and, a position of the coded data on the surface.

Optionally each coded data portion is at least partially indicative of adata portion identity, the data portion identity being unique for eachcoded data portion, the data portion identity being indicative of theposition.

Optionally the coded data is disposed on or in the surface using alayout, the layout being indicative of, for each data portion identity,the position of the corresponding coded data portion.

Optionally the signature is generated using RSA encryption.

BRIEF DESCRIPTION OF THE DRAWINGS

An example of the present invention will now be described with referenceto the accompanying drawings, in which:—

FIG. 1 is an example of a document including Hyperlabel encoding;

FIG. 2 is an example of a system for interacting with the Hyperlabeldocument of FIG. 1;

FIG. 3 is a further example of system for interacting with theHyperlabel document of FIG. 1;

FIG. 4. is a first example of a tag structure;

FIG. 5. is an example of a symbol unit cell for the tag structure ofFIG. 4;

FIG. 6. is an example of an array of the symbol unit cells of FIG. 5;

FIG. 7. is an example of symbol bit ordering in the unit cells of FIG.5;

FIG. 8. is an example of the tag structure of FIG. 4 with every bit set;

FIG. 9. is an example of tag types within a tag group for the tagstructure of FIG. 4;

FIG. 10. is an example of continuous tiling of the tag groups of FIG. 9;

FIG. 11. is an example of the orientation-indicating cyclic positioncodeword R for the tag group of FIG. 4;

FIG. 12. is an example of a local codeword A for the tag group of FIG.4;

FIG. 13. is an example of distributed codewords B, C, D and E, for thetag group of FIG. 4;

FIG. 14. is an example of a layout of complete tag group;

FIG. 15. is an example of a code word for the tag group of FIG. 4;

FIG. 16. is an example of an alternative tag group for the tag structureof FIG. 4;

FIG. 17. is a second example of a tag structure;

FIG. 18. is a third example of a tag structure;

FIG. 19 is an example of an item signature object model;

FIG. 20 is an example of Hyperlabel tags applied to a currency note;

FIG. 21 is an example of a note creation and distribution process;

FIG. 22. is an example of Scanning at Retailer interactions;

FIG. 23. is an example of Online Scanning interaction detail;

FIG. 24. is an example of Offline Scanning interaction details;

FIG. 25. is an example of netpage Pen Scanning interactions;

FIG. 26. is an example of netpage Pen Scanning interaction details;

FIG. 27. is an example of a Hyperlabel tag class diagram;

FIG. 28. is an example of a note ID class diagram

FIG. 29. is an example of an Object Description, ownership andaggregation class diagram;

FIG. 30. is an example of an Object Scanning History class diagram;

FIG. 31. is an example of scanner class diagram;

FIG. 32. is an example of an object ID hot list diagram;

FIG. 33. is an example of a valid ID range class diagram;

FIG. 34. is an example of Public Key List class diagram;

FIG. 35. is an example of a Trusted Authenticator class diagram;

FIG. 36. is an example of Tagging and Tracking Object Management;

FIG. 37. is an example of use of a currency counter;

FIG. 38. is an example of use of an automatic teller machine;

FIG. 39. is an example of use of a cash register;

FIG. 40. is an example of a Hyperlabel supermarket checkout;

FIG. 41. is an example of a handheld validity scanner;

FIG. 42. is an example of use of a handheld validity scanner;

FIG. 43. is an example of use of a sensing pen; and,

FIG. 44 is an example of a vending machine.

DETAILED DESCRIPTION OF THE DRAWINGS

The Netpage surface coding consists of a dense planar tiling of tags.Each tag encodes its own location in the plane. Each tag also encodes,in conjunction with adjacent tags, an identifier of the regioncontaining the tag. In the Netpage system, the region typicallycorresponds to the entire extent of the tagged surface, such as one sideof a sheet of paper.

Hyperlabel is the adaptation of the Netpage tags for use in unique itemidentification for a wide variety of applications, including securitydocument protection, object tracking, pharmaceutical security,supermarket automation, interactive product labels, web-browsing fromprinted surfaces, paper based email, and many others.

Using Memjet™ digital printing technology (which is the subject of anumber of pending U.S. patent applications including U.S. Ser. No.10/407,212), Hyperlabel tags are printed over substantially an entiresurface, such as a security document, bank note, or pharmaceuticalpackaging, using infrared (IR) ink. By printing the tags ininfrared-absorptive ink on any substrate which is infrared-reflective,the near-infrared wavelengths, and hence the tags are invisible to thehuman eye but are easily sensed by a solid-state image sensor with anappropriate filter. This allows machine readable information to beencoded over a large portion of the note or other surface, with novisible effect on the original note text or graphics thereon. A scanninglaser or image sensor can read the tags on any part of the surface toperforms associated actions, such as validating each individual note oritem.

An example of such a hyperlabel encoded document, is shown in FIG. 1. Inthis example, the hyperlabel document consists of graphic data 2 printedusing visible ink, and coded data 3 formed from hyperlabel tags 4. Thedocument includes an interactive element 6 defined by a zone 7 whichcorresponds to the spatial extent of a corresponding graphic 8. In use,the tags encode tag data including an ID. By sensing at least one tag,and determining and interpreting the encoded ID using an appropriatesystem, this allows the associated actions to be performed.

In one example, a tag map is used to define a layout of the tags on thehyperlabel document based on the ID encoded within the tag data. The IDcan also be used to reference a document description which describes theindividual elements of the hyperlabel document, and in particulardescribes the type and spatial extent (zone) of interactive elements,such as a button or text field. Thus, in this example, the element 6 hasa zone 7 which corresponds to the spatial extent of a correspondinggraphic 8. This allows a computer system to interpret interactions withthe hyperlabel document.

In position indicating techniques, the ID encoded within the tag data ofeach tag allows the exact position of the tag on the hyperlabel documentto be determined from the tag map. The position can then be used todetermine whether the sensed tag is positioned in a zone of aninteractive element from the document description.

In object indicating techniques, the ID encoded within the tag dataallows the presence of the tag in a region of the document to bedetermined from the tag map (the relative position of the tag within theregion may also be indicated). In this case, the document descriptioncan be used to determine whether the region corresponds to the zone ofan interactive element.

An example of this process will now be described with reference to FIGS.2 and 3 which show how a sensing device in the form of a netpage orhyperlabel pen 101, which interacts with the coded data on a printedhyperlabel document 1, such as a security document, label, productpackaging or the like.

The hyperlabel pen 101 senses a tag using an area image sensor anddetects tag data. The hyperlabel pen 101 uses the sensed coded data togenerate interaction data which is transmitted via a short-range radiolink 9 to a relay 44, which may form part of a computer 75 or a printer601. The relay sends the interaction data, via a network 19, to adocument server 10, which uses the ID to access the documentdescription, and interpret the interaction. In appropriatecircumstances, the document server sends a corresponding message to anapplication server 13, which can then perform a corresponding action.

In an alternative embodiment, the PC, Web terminal, netpage printer orrelay device may communicate directly with local or remote applicationsoftware, including a local or remote Web server. Relatedly, output isnot limited to being printed by the netpage printer. It can also bedisplayed on the PC or Web terminal, and further interaction can bescreen-based rather than paper-based, or a mixture of the two.

Typically hyperlabel pen users register with a registration server 11,which associates the user with an identifier stored in the respectivehyperlabel pen. By providing the sensing device identifier as part ofthe interaction data, this allows users to be identified, allowingtransactions or the like to be performed.

Hyperlabel documents are generated by having an ID server generate an IDwhich is transferred to the document server 10. The document server 10determines a document description and then records an associationbetween the document description and the ID, to allow subsequentretrieval of the document description using the ID.

The ID is then used to generate the tag data, as will be described inmore detail below, before the document is printed by the hyperlabelprinter 601, using the page description and the tag map.

Each tag is represented by a pattern which contains two kinds ofelements. The first kind of element is a target. Targets allow a tag tobe located in an image of a coded surface, and allow the perspectivedistortion of the tag to be inferred. The second kind of element is amacrodot. Each macrodot encodes the value of a bit by its presence orabsence.

The pattern is represented on the coded surface in such a way as toallow it to be acquired by an optical imaging system, and in particularby an optical system with a narrowband response in the near-infrared.The pattern is typically printed onto the surface using a narrowbandnear-infrared ink.

In the Hyperlabel system the region typically corresponds to the surfaceof an entire product item, or to a security document, and the region IDcorresponds to the unique item ID. For clarity in the followingdiscussion we refer to items and item IDs (or simply IDs), with theunderstanding that the item ID corresponds to the region ID.

The surface coding is designed so that an acquisition field of viewlarge enough to guarantee acquisition of an entire tag is large enoughto guarantee acquisition of the ID of the region containing the tag.Acquisition of the tag itself guarantees acquisition of the tag'stwo-dimensional position within the region, as well as othertag-specific data. The surface coding therefore allows a sensing deviceto acquire a region ID and a tag position during a purely localinteraction with a coded surface, e.g. during a “click” or tap on acoded surface with a pen.

A wide range of different tag structures can be used, and some exampleswill now be described.

First Example Tag Structure

FIG. 4 shows the structure of a complete tag. Each of the four blackcircles is a target. The tag, and the overall pattern, has four-foldrotational symmetry at the physical level.

Each square region represents a symbol, and each symbol represents fourbits of information.

FIG. 5 shows the structure of a symbol. It contains four macrodots, eachof which represents the value of one bit by its presence (one) orabsence (zero).

The macrodot spacing is specified by the parameter s throughout thisdocument. It has a nominal value of 143 μm, based on 9 dots printed at apitch of 1600 dots per inch. However, it is allowed to vary by ±10%according to the capabilities of the device used to produce the pattern.

FIG. 6 shows an array of nine adjacent symbols. The macrodot spacing isuniform both within and between symbols.

FIG. 7 shows the ordering of the bits within a symbol. Bit zero is theleast significant within a symbol; bit three is the most significant.Note that this ordering is relative to the orientation of the symbol.The orientation of a particular symbol within the tag is indicated bythe orientation of the label of the symbol in the tag diagrams. Ingeneral, the orientation of all symbols within a particular segment ofthe tag have the same orientation, consistent with the bottom of thesymbol being closest to the centre of the tag.

Only the macrodots are part of the representation of a symbol in thepattern. The square outline of a symbol is used in this document to moreclearly elucidate the structure of a tag. FIG. 8, by way ofillustration, shows the actual pattern of a tag with every bit set. Notethat, in practice, every bit of a tag can never be set.

A macrodot is nominally circular with a nominal diameter of ( 5/9) s.However, it is allowed to vary in size by ±10% according to thecapabilities of the device used to produce the pattern.

A target is nominally circular with a nominal diameter of ( 17/9) s.However, it is allowed to vary in size by ±10% according to thecapabilities of the device used to produce the pattern.

The tag pattern is allowed to vary in scale by up to ±10% according tothe capabilities of the device used to produce the pattern. Anydeviation from the nominal scale is recorded in the tag data to allowaccurate generation of position samples.

Each symbol shown in the tag structure in FIG. 4 has a unique label.Each label consists an alphabetic prefix and a numeric suffix.

Tag Group

Tags are arranged into tag groups. Each tag group contains four tagsarranged in a square. Each tag therefore has one of four possible tagtypes according to its location within the tag group square. The tagtypes are labelled 00, 10, 01 and 11, as shown in FIG. 9.

Each tag in the tag group is rotated as shown in the figure, i.e. tagtype 00 is rotated 0 degrees, tag type 10 is rotated 90 degrees, tagtype 11 is rotated 180 degrees, and tag type 01 is rotated 270 degrees.

FIG. 10 shows how tag groups are repeated in a continuous tiling oftags. The tiling guarantees the any set of four adjacent tags containsone tag of each type.

Orientation-Indicating Cyclic Position Code

The tag contains a 2⁴-ary (4, 1) cyclic position codeword which can bedecoded at any of the four possible orientations of the tag to determinethe actual orientation of the tag. Symbols which are part of the cyclicposition codeword have a prefix of “R” and are numbered 0 to 3 in orderof increasing significance.

The cyclic position codeword is (0, 7, 9, E₁₆). Note that it only usesfour distinct symbol values, even though a four-bit symbol has sixteenpossible values. During decoding, any unused symbol value should, ifdetected, be treated as an erasure. To maximise the probability oflow-weight bit error patterns causing erasures rather than symbolerrors, the symbol values are chosen to be as evenly spaced on thehypercube as possible.

The minimum distance of the cyclic position code is 4, hence itserror-correcting capacity is one symbol in the presence of up to oneerasure, and no symbols in the presence of two or more erasures.

The layout of the orientation-indicating cyclic position codeword isshown in FIG. 11.

Local Codeword

The tag locally contains one complete codeword which is used to encodeinformation unique to the tag. The codeword is of a punctured 2⁴-ary(13, 7) Reed-Solomon code. The tag therefore encodes up to 28 bits ofinformation unique to the tag.

The layout of the local codeword is shown in FIG. 12.

Distributed Codewords

The tag also contains fragments of four codewords which are distributedacross the four adjacent tags in a tag group and which are used toencode information common to a set of contiguous tags. Each codeword isof a 2⁴-ary (15, 11) Reed-Solomon code. Any four adjacent tags thereforetogether encode up to 176 bits of information common to a set ofcontiguous tags.

The layout of the four complete codewords, distributed across the fouradjacent tags in a tag group, is shown in FIG. 13. The order of the fourtags in the tag group in FIG. 13 is the order of the four tags in FIG.9.

FIG. 14 shows the layout of a complete tag group.

Reed-Solomon Encoding

Local Codeword

The local codeword is encoded using a punctured 2⁴-ary (13, 7)Reed-Solomon code. The code encodes 28 data bits (i.e. seven symbols)and 24 redundancy bits (i.e. six symbols) in each codeword. Itserror-detecting capacity is six symbols. Its error-correcting capacityis three symbols.

As shown in FIG. 15, codeword coordinates are indexed in coefficientorder, and the data bit ordering follows the codeword bit ordering.

The code is a 2⁴-ary (15, 7) Reed-Solomon code with two redundancycoordinates removed. The removed coordinates are the most significantredundancy coordinates.

The code has the following primitive polynominal:p(x)=x ⁴ +x+1  (EQ 1)

The code has the following generator polynominal:g(x)=(x+α)(x+α ²) . . . (x+α ⁸)  (EQ 2)Distributed Codewords

The distributed codewords are encoded using a 2⁴-ary (15, 11)Reed-Solomon code. The code encodes 44 data bits (i.e. eleven symbols)and 16 redundancy bits (i.e. four symbols) in each codeword. Itserror-detecting capacity is four symbols. Its error-correcting capacityis two symbols.

Codeword coordinates are indexed in coefficient order, and the data bitordering follows the codeword bit ordering.

The code has the same primitive polynominal as the local codeword code.

The code has the following generator polynominal:g(x)=(x+α)(x+α ²) . . . (x+α ⁴)  (EQ 3)Tag Coordinate Space

The tag coordinate space has two orthogonal axes labelled x and yrespectively. When the positive x axis points to the right then thepositive y axis points down.

The surface coding does not specify the location of the tag coordinatespace origin on a particular tagged surface, nor the orientation of thetag coordinate space with respect to the surface. This information isapplication-specific. For example, if the tagged surface is a sheet ofpaper, then the application which prints the tags onto the paper mayrecord the actual offset and orientation, and these can be used tonormalise any digital ink subsequently captured in conjunction with thesurface.

The position encoded in a tag is defined in units of tags. Byconvention, the position is taken to be the position of the centre ofthe target closest to the origin.

Tag Information Content

Field Definitions

Table 1 defines the information fields embedded in the surface coding.Table 2 defines how these fields map to codewords.

TABLE 1 Field definitions width field (bits) description per tag xcoordinate 9 or 13 The unsigned x coordinate of the tag allows maximumcoordinate values of approximately 0.9 m and 14 m respectively. ycoordinate 9 or 13 The unsigned y coordinate of the tag allows maximumcoordinate values of approximately 0.9 m and 14 m respectively activearea flag 1 b′1′ indicates whether the area (the diameter of the areantered on the tag, is nominally 5 times the diagonal size of the tag)immediately surrounding the tag intersects an active area data fragmentflag 1 A flag indicating whether a data fragment is present (see nextfield). b′1′ indicates the presence of a data fragment. If the datafragment is present then the width of the x and y coordinate fields is9. If it is absent then the width is 13. data fragment 0 or 8 A fragmentof an embedded data stream. per tag group (i.e. per region) encodingformat 8 The format of the encoding. 0: the present encoding Othervalues are reserved. region flags 8 Flags controlling the interpretationof region data. 0: region ID is an EPC 1: region has signature 2: regionhas embedded data 3: embedded data is signature Other bits are reservedand must be zero. tag size ID 8 The ID of the tag size. 0: the presenttag size the nominal tag size is 1.7145 mm, based on 1600 dpi, 9 dotsper macrodot, and 12 macrodots per tag Other values are reserved. regionID 96 The ID of the region containing the tags. signature 36 Thesignature of the region. high-order coordinate 4 The width of thehigh-order part of the x and y width (w) coordinates of the tag.high-order x coordinate 0 to 15 High-order part of the x coordinate ofthe tag expands the maximum coordinate values to approximately 2.4 kmand 38 km respectively high-order y coordinate 0 to 15 High-order partof the y coordinate of the tag expands the maximum coordinate values toapproximately 2.4 km and 38 km respectively. CRC 16 A CRC of tag groupdata.

An active area is an area within which any captured input should beimmediately forwarded to the corresponding hyperlabel server forinterpretation. This also allows the hyperlabel server to signal to theuser that the input has had an immediate effect. Since the server hasaccess to precise region definitions, any active area indication in thesurface coding can be imprecise so long as it is inclusive.

The width of the high-order coordinate fields, if non-zero, reduces thewidth of the signature field by a corresponding number of bits. Fullcoordinates are computed by prepending each high-order coordinate fieldto its corresponding coordinate field.

TABLE 2 Mapping of fields to codewords codeword field codeword bitsfield width bits A 12:0  x coordinate 13 all 12:9  data fragment 4 3:025:13 y coordinate 13 all 25:22 data fragment 4 7:4 26 active area flag1 all 27 data fragment flag 1 all B 7:0 encoding format 8 all 15:8 region flags 8 all 23:16 tag size ID 8 all 39:24 CRC 16 all 43:40high-order coordinate 4 3:0 width (w) C 35:0  signature 36 all  (35 −w):(36 − 2w) high-order x coordinate w all     35:(36 − w) high-order ycoordinate w all 43:36 region ID 8 7:0 D 43:0  region ID 44 51:8  E43:0  region ID 44 95:52Embedded Data

If the “region has embedded data” flag in the region flags is set thenthe surface coding contains embedded data. The data is encoded inmultiple contiguous tags' data fragments, and is replicated in thesurface coding as many times as it will fit.

The embedded data is encoded in such a way that a random and partialscan of the surface coding containing the embedded data can besufficient to retrieve the entire data. The scanning system reassemblesthe data from retrieved fragments, and reports to the user whensufficient fragments have been retrieved without error.

As shown in Table 3, a 200-bit data block encodes 160 bits of data. Theblock data is encoded in the data fragments of a contiguous group of 25tags arranged in a 5×5 square. A tag belongs to a block whose integercoordinate is the tag's coordinate divided by 5. Within each block thedata is arranged into tags with increasing x coordinate withinincreasing y coordinate.

A data fragment may be missing from a block where an active area map ispresent. However, the missing data fragment is likely to be recoverablefrom another copy of the block.

Data of arbitrary size is encoded into a superblock consisting of acontiguous set of blocks arranged in a rectangle. The size of thesuperblock is encoded in each block. A block belongs to a superblockwhose integer coordinate is the block's coordinate divided by thesuperblock size. Within each superblock the data is arranged into blockswith increasing x coordinate within increasing y coordinate.

The superblock is replicated in the surface coding as many times as itwill fit, including partially along the edges of the surface coding.

The data encoded in the superblock may include more precise typeinformation, more precise size information, and more extensive errordetection and/or correction data.

TABLE 3 Embedded data block field width description data type 8 The typeof the data in the superblock. Values include: 0: type is controlled byregion flags 1: MIME Other values are TBA. superblock width 8 The widthof the superblock, in blocks. superblock height 8 The height of thesuperblock, in blocks. data 160 The block data. CRC 16 A CRC of theblock data. total 200

It will be appreciated that any form of embedded data may be used,including for example, text, image, audio, video data, such as productinformation, application data, contact data, business card data, anddirectory data.

Region Signatures

If the “region has signature” flag in the region flags is set then thesignature field contains a signature with a maximum width of 36 bits.The signature is typically a random number associated with the region IDin a secure database. The signature is ideally generated using a trulyrandom process, such as a quantum process, or by distilling randomnessfrom random events.

In an online environment the signature can be validated, in conjunctionwith the region ID, by querying a server with access to the securedatabase.

If the “region has embedded data” and “embedded data is signature” flagsin the region flags are set then the surface coding contains a 160-bitcryptographic signature of the region ID. The signature is encoded in aone-block superblock.

In an online environment any number of signature fragments can be used,in conjunction with the region ID and optionally the random signature,to validate the signature by querying a server with knowledge of thefull signature or the corresponding private key.

In an offline (or online) environment the entire signature can berecovered by reading multiple tags, and can then be validated using thecorresponding public signature key.

Signature verification is discussed in more detail below.

MIME Data

If the embedded data type is “MIME” then the superblock containsMultipurpose Internet Mail Extensions (MIME) data according to RFC 2045(Freed, N., and N. Borenstein, “Multipurpose Internet Mail Extensions(MIME)—Part One: Format of Internet Message Bodies”, RFC 2045, November1996), RFC 2046 (Freed, N., and N. Borenstein, “Multipurpose InternetMail Extensions (MIME)—Part Two: Media Types”, RFC 2046, November 1996)and related RFCs. The MIME data consists of a header followed by a body.The header is encoded as a variable-length text string preceded by an8-bit string length. The body is encoded as a variable-lengthtype-specific octet stream preceded by a 16-bit size in big-endianformat.

The basic top-level media types described in RFC 2046 include text,image, audio, video and application.

RFC 2425 (Howes, T., M. Smith and F. Dawson, “A MIME Content-Type forDirectory Information”, RFC 2045, September 1998) and RFC 2426 (Dawson,F., and T. Howes, “vCard MIME Directory Profile”, RFC 2046, September1998) describe a text subtype for directory information suitable, forexample, for encoding contact information which might appear on abusiness card.

Encoding and Printing Considerations

The Print Engine Controller (PEC) (which is the subject of a number ofpending US patent applications, including: Ser. Nos. 09/575,108;10/727,162; 09/575,110; 09/607,985; U.S. Pat. Nos. 6,398,332; 6,394,573;6,622,923) supports the encoding of two fixed (per-page) 2⁴-ary (15,7)Reed-Solomon codewords and four variable (per-tag) 2⁴-ary (15,7)Reed-Solomon codewords, although other numbers of codewords can be usedfor different schemes.

Furthermore, PEC supports the rendering of tags via a rectangular unitcell whose layout is constant (per page) but whose variable codeworddata may vary from one unit cell to the next. PEC does not allow unitcells to overlap in the direction of page movement.

A unit cell compatible with PEC contains a single tag group consistingof four tags. The tag group contains a single A codeword unique to thetag group but replicated four times within the tag group, and fourunique B codewords. These can be encoded using five of PEC's sixsupported variable codewords. The tag group also contains eight fixed Cand D codewords. One of these can be encoded using the remaining one ofPEC's variable codewords, two more can be encoded using PEC's two fixedcodewords, and the remaining five can be encoded and pre-rendered intothe Tag Format Structure (TFS) supplied to PEC.

PEC imposes a limit of 32 unique bit addresses per TFS row. The contentsof the unit cell respect this limit. PEC also imposes a limit of 384 onthe width of the TFS. The contents of the unit cell respect this limit.

Note that for a reasonable page size, the number of variable coordinatebits in the A codeword is modest, making encoding via a lookup tabletractable. Encoding of the B codeword via a lookup table may also bepossible. Note that since a Reed-Solomon code is systematic, only theredundancy data needs to appear in the lookup table.

Imaging and Decoding Considerations

The minimum imaging field of view required to guarantee acquisition ofan entire tag has a diameter of 39.6 s, i.e.(2×(12+2))√{square root over (2)}sallowing for arbitrary alignment between the surface coding and thefield of view. Given a macrodot spacing of 143 μm, this gives a requiredfield of view of 5.7 mm.

Table 4 gives pitch ranges achievable for the present surface coding fordifferent sampling rates, assuming an image sensor size of 128 pixels.

TABLE 4 Pitch ranges achievable for present surface coding for differentsampling rates, computed using Optimize Hyperlabel Optics; dot pitch =1600 dpi, macrodot pitch = 9 dots, viewing distance = 30 mm, nib-to-FOVseparation = 1 mm, image sensor size = 128 pixels sampling rate pitchrange 2 −40 to

49 2.5 −27 to

36 3 −10 to

18

For the surface coding above, the decoding sequence is as follows:

-   -   locate targets of complete tag    -   infer perspective transform from targets    -   sample cyclic position code    -   decode cyclic position code    -   determine orientation from cyclic position code    -   sample and decode local Reed-Solomon codeword    -   determine tag x-y location    -   infer 3D tag transform from oriented targets    -   determine nib x-y location from tag x-y location and 3D        transform    -   determine active area status of nib location with reference to        active area map    -   generate local feedback based on nib active area status    -   determine tag type    -   sample distributed Reed-Solomon codewords (modulo window        alignment, with reference to tag type)    -   decode distributed Reed-Solomon codewords    -   verify tag group data CRC    -   on decode error flag bad region ID sample    -   determine encoding type, and reject unknown encoding    -   determine region flags    -   determine region ID    -   encode region ID, nib x-y location, nib active area status in        digital ink    -   route digital ink based on region flags

Region ID decoding need not occur at the same rate as position decodingand decoding of a codeword can be avoided if the codeword is found to beidentical to an already-known good codeword.

If the high-order coordinate width is non-zero, then special care mustbe taken on boundaries between tags where the low-order x or ycoordinate wraps, otherwise codeword errors may be introduced. Ifwrapping is detected from the low-order x or y coordinate (i.e. itcontains all zero bits or all one bits), then the correspondinghigh-order coordinate can be adjusted before codeword decoding. In theabsence of genuine symbol errors in the high-order coordinate, this willprevent the inadvertent introduction of codeword errors.

Alternative Tag Arrangements

It will be appreciated that a range of different tag layouts and tagstructures can be utilised.

For example, the tag group shown in FIG. 9 can be replaced with the taggroup shown in FIG. 16, in which the tags are not rotated relative toeach other. FIG. 17 shows an arrangement that utilises a six-foldrotational symmetry at the physical level, with each diamond shaperepresenting a respective symbol. FIG. 18 shows a version of the tag inwhich the tag is expanded to increase its data capacity by addingadditional bands of symbols about its circumference.

The use of these alternative tag structures, including associatedencoding considerations, is described shown in more detail in thecopending patent application numbers [we will need to include a docketnumber here for generic cases], the contents of which is incorporatedherein by cross reference.

Security Discussion

As described above, authentication relies on verifying thecorrespondence between data and a signature of that data. The greaterthe difficulty in forging a signature, the greater the trustworthinessof signature-based authentication.

The item ID is unique and therefore provides a basis for a signature. Ifonline authentication access is assumed, then the signature may simplybe a random number associated with the item ID in an authenticationdatabase accessible to the trusted online authenticator. The randomnumber may be generated by any suitable method, such as via adeterministic (pseudo-random) algorithm, or via a stochastic physicalprocess. A keyed hash or encrypted hash may be preferable to a randomnumber since it requires no additional space in the authenticationdatabase. However, a random signature of the same length as a keyedsignature is more secure than the keyed signature since it is notsusceptible to key attacks. Equivalently, a shorter random signatureconfers the same security as a longer keyed signature.

In the limit case no signature is actually required, since the merepresence of the item ID in the database indicates authenticity. However,the use of a signature limits a forger to forging items he has actuallysighted.

To prevent forgery of a signature for an unsighted ID, the signaturemust be large enough to make exhaustive search via repeated accesses tothe online authenticator intractable. If the signature is generatedusing a key rather than randomly, then its length must also be largeenough to prevent the forger from deducing the key from knownID-signature pairs. Signatures of a few hundred bits are consideredsecure, whether generated using private or secret keys.

While it may be practical to include a reasonably secure randomsignature in a tag (or local tag group), particularly if the length ofthe ID is reduced to provide more space for the signature, it may beimpractical to include a secure ID-derived signature in a tag. Tosupport a secure ID-derived signature, we can instead distributefragments of the signature across multiple tags. If each fragment can beverified in isolation against the ID, then the goal of supportingauthentication without increasing the sensing device field of view isachieved. The security of the signature can still derive from the fulllength of the signature rather than from the length of a fragment, sincea forger cannot predict which fragment a user will randomly choose toverify. A trusted authenticator can always perform fragment verificationsince they have access to the key and/or the full stored signature, sofragment verification is always possible when online access to a trustedauthenticator is available.

Fragment verification requires that we prevent brute force attacks onindividual fragments, otherwise a forger can determine the entiresignature by attacking each fragment in turn. A brute force attack canbe prevented by throttling the authenticator on a per-ID basis. However,if fragments are short, then extreme throttling is required. As analternative to throttling the authenticator, the authenticator caninstead enforce a limit on the number of verification requests it iswilling to respond to for a given fragment number. Even if the limit ismade quite small, it is unlikely that a normal user will exhaust it fora given fragment, since there will be many fragments available and theactual fragment chosen by the user can vary. Even a limit of one can bepractical. More generally, the limit should be proportional to the sizeof the fragment, i.e. the smaller the fragment the smaller the limit.Thus the experience of the user would be somewhat invariant of fragmentsize. Both throttling and enforcing fragment verification limits implyserialisation of requests to the authenticator. Enforcing fragmentverification limits further requires the authenticator to maintain aper-fragment count of satisfied verification requests.

A brute force attack can also be prevented by concatenating the fragmentwith a random signature encoded in the tag. While the random signaturecan be thought of as protecting the fragment, the fragment can also bethought of as simply increasing the length of the random signature andhence increasing its security.

Fragment verification may be made more secure by requiring theverification of a minimum number of fragments simultaneously.

Fragment verification requires fragment identification. Fragments may beexplicitly numbered, or may more economically be identified by thetwo-dimensional coordinate of their tag, modulo the repetition of thesignature across a continuous tiling of tags.

The limited length of the ID itself introduces a further vulnerability.Ideally it should be at least a few hundred bits. In the Netpage surfacecoding scheme it is 96 bits or less. To overcome this the ID may bepadded. For this to be effective the padding must be variable, i.e. itmust vary from one ID to the next. Ideally the padding is simply arandom number, and must then be stored in the authentication databaseindexed by ID. If the padding is deterministically generated from the IDthen it is worthless.

Offline authentication of secret-key signatures requires the use of atrusted offline authentication device. The QA chip (which is the subjectof a number of pending US patent applications, including Ser. Nos.09/112,763; 09/112,762; 09/112,737; 09/112,761; 09/113,223) provides thebasis for such a device, although of limited capacity. The QA chip canbe programmed to verify a signature using a secret key securely held inits internal memory. In this scenario, however, it is impractical tosupport per-ID padding, and it is impractical even to support more thana very few secret keys. Furthermore, a QA chip programmed in this manneris susceptible to a chosen-message attack. These constraints limit theapplicability of a QA-chip-based trusted offline authentication deviceto niche applications.

In general, despite the claimed security of any particular trustedoffline authentication device, creators of secure items are likely to bereluctant to entrust their secret signature keys to such devices, andthis is again likely to limit the applicability of such devices to nicheapplications.

By contrast, offline authentication of public-key signatures (i.e.generated using the corresponding private keys) is highly practical. Anoffline authentication device utilising public keys can trivially holdany number of public keys, and may be designed to retrieve additionalpublic keys on demand, via a transient online connection, when itencounters an ID for which it knows it has no corresponding publicsignature key. Untrusted offline authentication is likely to beattractive to most creators of secure items, since they are able toretain exclusive control of their private signature keys.

A disadvantage of offline authentication of a public-key signature isthat the entire signature must be acquired from the coding, violatingour desire to support authentication with a minimal field of view. Acorresponding advantage of offline authentication of a public-keysignature is that access to the ID padding is no longer required, sincedecryption of the signature using the public signature key generatesboth the ID and its padding, and the padding can then be ignored. Aforger can not take advantage of the fact that the padding is ignoredduring offline authentication, since the padding is not ignored duringonline authentication.

Acquisition of an entire distributed signature is not particularlyonerous. Any random or linear swipe of a hand-held sensing device acrossa coded surface allows it to quickly acquire all of the fragments of thesignature. The sensing device can easily be programmed to signal theuser when it has acquired a full set of fragments and has completedauthentication. A scanning laser can also easily acquire all of thefragments of the signature. Both kinds of devices may be programmed toonly perform authentication when the tags indicate the presence of asignature.

Note that a public-key signature may be authenticated online via any ofits fragments in the same way as any signature, whether generatedrandomly or using a secret key. The trusted online authenticator maygenerate the signature on demand using the private key and ID padding,or may store the signature explicitly in the authentication database.The latter approach obviates the need to store the ID padding.

Note also that signature-based authentication may be used in place offragment-based authentication even when online access to a trustedauthenticator is available.

Table 5 provides a summary of which signature schemes are workable inlight of the foregoing discussion.

TABLE 5 Summary of workable signature schemes encoding acquisitionsignature online offline in tags from tags generation authenticationauthentication Local full random ok Impractical to store per IDinformation secret key Signature too Undesirable to short to be storesecret secure keys private Signature too key short to be secureDistributed fragment(s) random ok impractical^(b) secret key okimpractical^(c) private ok impractical^(b) key full random okimpractical^(b) secret key ok impractical^(c) private ok ok keySecurity Specification

FIG. 19 shows an example item signature object model.

An item has an ID (X) and other details (not shown). It optionally has asecret signature (Z). It also optionally has a public-key signature. Thepublic-key signature records the signature (S) explicitly, and/orrecords the padding (P) used in conjunction with the ID to generate thesignature. The public-key signature has an associated public-private keypair (K, L). The key pair is associated with a one or more ranges ofitem IDs.

Typically issuers of security documents and pharmaceuticals will utilisea range of IDs to identify a range of documents or the like. Followingthis, the issuer will then use these details to generate respective IDsfor each item, or document to be marked.

Authentication of the product can then be performed online or offline bysensing the tag data encoded within the tag, and performing theauthentication using a number of different mechanisms depending on thesituation.

Examples of the processes involved will now be described for public andprivate key encryption respectively.

Authentication Based on Public-Key Signature

Setup per ID range:

-   -   generate public-private signature key pair (K, L)    -   store key pair (K, L) indexed by ID range        Setup per ID:    -   generate ID padding (P)    -   retrieve private signature key (L) by ID (X)    -   generate signature (S) by encrypting ID (X) and padding (P)        using private key (L):        S←E_(L)(X,P)    -   store signature (S) in database indexed by ID (X) (and/or store        padding (P))    -   encode ID (X) in all tag groups    -   encode signature (S) across multiple tags in repeated fashion        Online fragment-based authentication (user):    -   acquire ID (X) from tags    -   acquire position (x, y)_(i) and signature fragment (T_(i)) from        tag    -   generate fragment number (i) from position (x, y)_(i):        i←F[(x, y)_(i)]    -   look up trusted authenticator by ID (X)    -   transmit ID (X), fragment (S_(i)) and fragment number (i) to        trusted authenticator        Online fragment-based authentication (trusted authenticator):    -   receive ID (X), fragment (S_(i)) and fragment number (i) from        user    -   retrieve signature (S) from database by ID (X) (or re-generate        signature)    -   compare received fragment (T_(i)) with corresponding fragment of        signature (S_(i))    -   report authentication result to user        Offline signature-based authentication (user):    -   acquire ID from tags (X)    -   acquire positions (x, y)_(i) and signature fragments (T_(i))        from tag    -   generate fragment numbers (i) from positions (x, y)_(i):        i←F[(x, y)_(i)]        S←S₀|S₁| . . . |S_(n-1)    -   generate signature (S) from (n) fragments:    -   retrieve public signature key (K) by ID (X)    -   decrypt signature (S) using public key (K) to obtain ID (X′) and        padding (P′):        X′|P′←D_(K)(S)    -   compare acquired ID (X) with decrypted ID (X′)    -   report authentication result to user        Authentication Based on Secret-Key Signature        Setup per ID:    -   generate secret (Z)    -   store secret (Z) in database indexed by ID (X)    -   encode ID (X) and secret (Z) in all tag groups        Online secret-based authentication (user):    -   acquire ID (X) from tags    -   acquire secret (Z′) from tags    -   look up trusted authenticator by ID    -   transmit ID (X) and secret (Z) to trusted authenticator        Online secret-based authentication (trusted authenticator):    -   receive ID (X) and secret (Z′) from user    -   retrieve secret (Z) from database by ID (X)    -   compared received secret (Z′) with secret (Z)    -   report authentication result to user

As discussed earlier, secret-based authentication may be used inconjunction with fragment-based authentication.

Cryptographic Algorithms

When the public-key signature is authenticated offline, the user'sauthentication device typically does not have access to the padding usedwhen the signature was originally generated. The signature verificationstep must therefore decrypt the signature to allow the authenticationdevice to compare the ID in the signature with the ID acquired from thetags. This precludes the use of algorithms which don't perform thesignature verification step by decrypting the signature, such as thestandard Digital Signature Algorithm U.S. Department ofCommerce/National Institute of Standards and Technology, DigitalSignature Standard (DSS), FIPS 186-2, 27 Jan. 2000.

RSA encryption is described in:

-   -   Rivest, R. L., A. Shamir, and L. Adleman, “A Method for        Obtaining Digital Signatures and Public-Key Cryptosystems”,        Communications of the ACM, Vol. 21, No. 2, February 1978, pp.        120-126    -   Rivest, R. L., A. Shamir, and L. M. Adleman, “Cryptographic        communications system and method”, U.S. Pat. No. 4,405,829,        issued 20 Sep. 1983    -   RSA Laboratories, PKCS #1 v2.0: RSA Encryption Standard, Oct. 1,        1998

RSA provides a suitable public-key digital signature algorithm thatdecrypts the signature. RSA provides the basis for the ANSI X9.31digital signature standard American National Standards Institute, ANSIX9.31-1998, Digital Signatures Using Reversible Public Key Cryptographyfor the Financial Services Industry (rDSA), Sep. 8, 1998. If no paddingis used, then any public-key signature algorithm can be used.

In the hyperlabel surface coding scheme the ID is 96 bits long or less.It is padded to 160 bits prior to being signed.

The padding is ideally generated using a truly random process, such as aquantum process [14,15], or by distilling randomness from random eventsSchneier, B., Applied Cryptography, Second Edition, John Wiley & Sons1996.

In the hyperlabel surface coding scheme the random signature, or secret,is 36 bits long or less. It is also ideally generated using a trulyrandom process.

Security Tagging and Tracking

Currency, checks and other monetary documents can be tagged in order todetect currency counterfeiting and counter money laundering activities.The Hyperlabel tagged currency can be validated, and tracked through themonetary system. Hyperlabel tagged products such as pharmaceuticals canbe tagged allowing items to be validated and tracked through thedistribution and retail system.

A number of examples of the concepts of Hyperlabel security tagging andtracking referring specifically to bank notes and pharmaceuticals,however Hyperlabel tagging can equally be used to securely tag and trackother products, for example, traveller's checks, demand deposits,passports, chemicals etc.

Hyperlabel tagging, with the Netpage system, provides a mechanism forsecurely validating and tracking objects.

Hyperlabel tags on the surface of an object uniquely identify theobject. Each Hyperlabel tag contains information including the object'sunique ID, and the tag's location on the Hyperlabel tagged surface. AHyperlabel tag also contains a signature fragment which can be used toauthenticate the object. A scanning laser or image sensor can read thetags on any part of the object to identify the object, validate theobject, and allow tracking of the object.

Currency Tagging

An example of the protection of security documents will now be describedwith reference to the specific protection of currency, such as banknotes, although it will be appreciated that the techniques may beapplied to any security document.

Currency may be tagged with Hyperlabels in order to detectcounterfeiting and allow tracking of currency movement. Hyperlabel tagscan be printed over the entire bank note surface or can be printed in asmaller region of the note. Hyperlabel tagging can be used in additionto other security features such as holograms, foil strips,colour-shifting inks etc. A scanning laser or image sensor can read thetags on any part of the note to validate each individual note.

In this example, each hexagonal Hyperlabel currency tag is around 2.5 mmacross, and incorporates a variety of data in the form of printed dotsof infrared ink. An example of a tag included on a bank note is shown inFIG. 20.

A Hyperlabel currency tag identifies the note currency, issue country,and note denomination. It also identifies the note's serial number, thenote side (i.e. front or back), and it may contain other information(for example, the exact printing works where the note was printed).There are two note IDs for each physical bank note—one for each side ofthe note.

The tag may also include:

-   -   Alignment marks (these are the larger dots in the image above)    -   A code indicating that the tag is a currency tag, as opposed to        a commercial Hyperlabel or Hyperlabel tag    -   A horizontal position code, specifying where the tag is along        the note    -   A vertical position code, specifying where the tag is across the        note    -   A cryptographic signature    -   Error detection and correction bits

Each tag is unique. That is, of all tags ever to be printed on any noteor other document, no two valid tags will ever be the same. The tags aredesigned to be easily read with low cost scanners that can be built intoa variety of validation devices.

Hyperlabel currency tags can be read by any Hyperlabel scanner. Thesescanners can be incorporated into a variety of devices to facilitateauthentication and tracking, as will be described in more detail below.

Tracking

For the purpose of tracking and item validation the manufacturer, orother central authority, maintains a database which tracks the locationand status of all currency. This can also be used in authentication ofcurrency.

Each time a note is scanned its location is recorded. This locationinformation can be collected in a central database allowing analysis andidentification of abnormal money movements and detection of counterfeitnotes. This allows the creation of highly accurate intelligence aboutcriminal activity and the real-time detection of the location of stolenor counterfeit notes at many locations within the monetary system. Forexample, in the case of sophisticated forgeries where Hyperlabel dotpatterns are exactly duplicated, there will be multiple copies ofexactly forged notes (at a minimum, the original and the forgery). Ifmultiple identical notes appear in different places at the same time,all but one of the notes must be a forgery. All can then be treated assuspect.

Thus, when a transaction is performed using currency, the generalprocess is as follows:

-   -   a transaction is agreed    -   currency is provided relating to the transaction    -   the currency is scanned using an appropriate sensing device    -   the sensing device sense at least one tag and generates        predetermined data    -   the predetermined data is transferred to a central government        database

In this regard, the following predetermined data is automatically sentfrom the scanners to the central government currency database:

-   -   The serial number of the note    -   The denomination of the note    -   Note validity data    -   The serial number of the scanner    -   The time and date of the scan    -   The physical location of the scanner at the time the scan was        taken (for fixed scanners this is automatic, and for mobile        scanners the physical location is determined using a GPS        tracker)    -   The network location of the scanner    -   The identity of the person making reportable cash transactions

Thus, Hyperlabel technology makes it possible to build databasescontaining the serial number and history of all notes issued, and itallows them to be tracked through the monetary system. The datacollected can be used to build up cash flow maps based on the validationdata received, and its presence will provide a powerful tool for lawenforcement agencies to combat theft, money laundering andcounterfeiting in the global economy.

With each note being tracked over its lifetime, from when it is firstprinted, until it is destroyed. Calculations show that this databasewill need to store in excess of 50 GBytes per day to track all US Dollarmovements. Similar storage is also required for the Euro. This is wellwithin the capabilities of modern database systems.

There are also a large number of transactions involved—several hundredmillion per day. These are within the capability of conventionaldistributed transaction processing systems. However, the Hyperlabelcurrency system can be implemented at substantially lower cost by usingnew generation database systems that perform transactions insemiconductor memory, instead of disk drives. These transactions canthen be continually streamed to disk as a background ‘backup’ task. Suchsystems are likely to be sufficiently mature by the time that aHyperlabel based currency tracking system comes on-line that they willbe a viable choice.

As well as basic tracking and validation functions, the database systemmay have the following additional features:

-   -   Indication of abnormal money movement patterns within the system        (e.g. large cash payments made at different locations within the        system by persons of interest)    -   The provision of cash flow demand forecasts    -   Data mining features that could be used to detect and prosecute        counterfeiters and money launderers    -   Neural network based fraud detection    -   Geographic trends identification

Thus, the central database maintains up-to-date information on validobject IDs, an object ID hotlist (for all suspect object IDs), and alist of public keys corresponding to object IDs. The central server alsomaintains an object scanning history to track an object's movements.Each time an object is scanned, its timestamped location is recorded. Ifknown, the details of the object owner may also be recorded. Thisinformation may be known particularly in the case of large financialtransactions e.g. a large cash withdrawal from a bank. This objectscanning history data can be used to detect illegal product movements,for example, the illegal import of currency. It can also be used todetect abnormal or suspicious product movements which may be indicativeof product counterfeiting.

If an object is known to be stolen it can be immediately added to anobject ID hotlist on the central server. This hotlist is automaticallydistributed to (or becomes accessible to) all on-line scanners, and willbe downloaded to all off-line scanners on their next update. In this waythe stolen status is automatically and rapidly disseminated to a hugenumber of outlets. Similarly, if an object is in any other way suspectit can be added to the hotlist so that its status is flagged to theperson scanning the object.

An on-line scanner has instant access to the central server to allowchecking of each object ID at the time of scanning. The object scanninghistory is also updated at the central server at the time the object isscanned.

An off-line scanner stores object status data internally to allowvalidation of a scanned object. The object status data includes valid IDrange lists, an object ID hotlist, a public key list, and an objectscanning history. Each time an object is scanned the details arerecorded in the object scanning history. The object status data isdownloaded from the central server, and the object scanning history isuploaded to the central server, each time the scanner connects.

A mobile scanner's location can be provided to the application by thescanner, if it is GPS-equipped. Alternatively the scanner's location canbe provided by the network through which it communicates.

For example, if the hand-held scanner uses the mobile phone network, thescanner's location can be provided by the mobile phone network provider.There are a number of location technologies available. One is AssistedGlobal Positioning System (A-GPS). This requires a GPS-equipped handset,which receives positioning signals from GPS satellites. The phonenetwork knows the approximate location of the handset (in this case thehandset is also the scanner) from the nearest cell site. Based on this,the network tells the handset which GPS satellites to use in itsposition calculations. Another technology, which does not require thedevice to be GPS-equipped, is Uplink Time Difference of Arrival(U-TDOA). This determines the location of a wireless handset, using aform of triangulation, by comparing the time it takes a wirelesshandset's signal to reach several Location Measurement Units (LMUs)installed at the network's cell sites. The handset location is thencalculated based on the differences in arrival times of the three (ormore) signals.

Authentication

Each object ID has a signature. Limited space within the Hyperlabel tagstructure makes it impractical to include a full cryptographic signaturein a tag so signature fragments are distributed across multiple tags. Asmaller random signature, or secret, can be included in a tag.

To avoid any vulnerability due to the limited length of the object ID,the object ID is padded, ideally with a random number. The padding isstored in an authentication database indexed by object ID. Theauthentication database may be managed by the manufacturer, or it may bemanaged by a third-party trusted authenticator.

Each Hyperlabel tag contains a signature fragment and each fragment (ora subset of fragments) can be verified, in isolation, against the objectID. The security of the signature still derives from the full length ofthe signature rather than from the length of the fragment, since aforger cannot predict which fragment a user will randomly choose toverify.

Fragment verification requires fragment identification. Fragments may beexplicitly numbered, or may by identified by the two-dimensionalcoordinate of their tag, modulo the repetition of the signature acrosscontinuous tiling of tags.

Note that a trusted authenticator can always perform fragmentverification, so fragment verification is always possible when on-lineaccess to a trusted authenticator is available.

Establishing Authentication Database

Prior to allocating a new range of IDs, some setup tasks are required toestablish the authentication database.

For each range of IDs a public-private signature key pair is generatedand the key pair is stored in the authentication database, indexed by IDrange.

For each object ID in the range the following setup is required:

-   -   generate ID padding and store in authentication database,        indexed by object ID    -   retrieve private signature key by object ID    -   generate signature by encrypting object ID and padding, using        private key    -   store signature in authentication database indexed by object ID,        and/or store the padding, since the signature can be        re-generated using the ID, padding and private key    -   encode the signature across multiple tags in repeated fashion

This data is required for the Hyperlabel tags therefore theauthentication database must be established prior to, or at the time of,printing of the Hyperlabels.

Security issues are discussed in more detail above.

FIG. 21 summarises note printing and distribution of notes withHyperlabel tags. Notes are also logged in the database whenever they arescanned in circulation, and also when they are destroyed.

While the technology to print commercial Hyperlabel tags will becommercially available, only the authorized currency printing bureaus ofa government will be able to print the codes corresponding to thatgovernment's currency. These codes are protected by 2048 bit RSAcryptography embedded within the integrated circuits (chips) embedded inthe Memjet™ printers used to print Hyperlabel tags. This is a highlysecure form of asymmetric cryptography, using private and public keys.The private keys relating to any particular currency would be kept onlyby authorised national security agencies.

Off-Line Public-Key-Based Authentication

An off-line authentication device utilises public-key signatures. Theauthentication device holds a number of public keys. The device may,optionally, retrieve additional public keys on demand, via a transienton-line connection when it encounters an object ID for which it has nocorresponding public key signature.

For off-line authentication, the entire signature is needed. Theauthentication device is swiped over the Hyperlabel tagged surface and anumber of tags are read. From this, the object ID is acquired, as wellas a number of signature fragments and their positions. The signature isthen generated from these signature fragments. The public key is lookedup, from the scanning device using the object ID. The signature is thendecrypted using the public key, to give an object ID and padding. If theobject ID obtained from the signature matches the object ID in theHyperlabel tag then the object is considered authentic.

The off-line authentication method can also be used on-line, with thetrusted authenticator playing the role of authenticator.

On-Line Public-Key-Based Authentication

An on-line authentication device uses a trusted authenticator to verifythe authenticity of an object. For on-line authentication a single tagcan be all that is required to perform authentication. Theauthentication device scans the object and acquires one or more tags.From this, the object ID is acquired, as well as at least one signaturefragment and its position. The fragment number is generated from thefragment position. The appropriate trusted authenticator is looked up bythe object ID. The object ID, signature fragment, and fragment numberare sent to the trusted authenticator.

The trusted authenticator receives the data and retrieves the signaturefrom the authentication database by object ID. This signature iscompared with the supplied fragment, and the authentication result isreported to the user.

On-Line Secret-Based Authentication

Alternatively or additionally, if a random signature or secret isincluded in each tag (or tag group), then this can be verified withreference to a copy of the secret accessible to a trusted authenticator.Database setup then includes allocating a secret for each object, andstoring it in the authentication database, indexed by object ID.

The authentication device scans the object and acquires one or moretags. From this, the object ID is acquired, as well as the secret. Theappropriate trusted authenticator is looked up by the object ID. Theobject ID and secret are sent to the trusted authenticator.

The trusted authenticator receives the data and retrieves the secretfrom the authentication database by object ID. This secret is comparedwith the supplied secret, and the authentication result is reported tothe user.

Secret-based authentication can be used in conjunction with on-linefragment-based authentication is discussed in more detail above.

Product Scanning Interactions

Product Scanning at a retailer is illustrated in FIG. 22. When a storeoperator scans a Hyperlabel tagged product the tag data is sent to theservice terminal (A). The service terminal sends the transaction data tothe store server (B). The store server sends this data, along with theretailer details, to the manufacturer server (C). The Hyperlabel serverknows which manufacturer server to send the message to from the objectID. On receipt of the input, the manufacturer server authenticates theobject, if the manufacturer is the trusted authenticator. Alternativelythe manufacturer server passes the data on to the authentication serverto verify the object ID and signature (D). The authentication serversends the authentication result back to the manufacturer server (E). Themanufacturer server checks the status of the object ID (against itsvalid ID lists and hotlist), and sends the response to the store server(F), which in turn send the result back the store service terminal (G).The store server could also communicate with the relevant authenticationserver directly.

The interaction detail for on-line product scanning at a retailer isshown in FIG. 23. The store operator scans the Hyperlabel taggedproduct. The scanner sends the scanner ID and tag data to the serviceterminal. The service terminal sends this data along with the terminalID and scanner location to the store server. The store server then sendsthe request on to the manufacturer server, which performs authentication(either itself or via a third party authentication server) anddetermines the object status. The response is then sent back to thestore server, and on to the operator service terminal.

The interaction detail for off-line product scanning at a retailer isshown in FIG. 24. The store operator scans the Hyperlabel taggedproduct. The scanner sends the scanner ID and tag data from multipletags to the service terminal. The service terminal sends this data,along with the terminal ID and scanner location, to the store server.The store server then performs off-line authentication, as described inSection 3.4.2, and determines the object status through its cachedhotlist, valid object ID lists, and public key list. The store serverrecords the scan details in its internal object scanning history. Theresponse is then sent back to the operator service terminal.

An alternative for off-line product scanner occurs where the scanner isa hand-held, stand-alone scanner. In this case the cached authenticationdata is stored within the scanner itself, and the scanner performs thevalidation internally. The object scanning history is also cached withinthe scanner. Periodically the scanner connects to the central database,uploads it's object scanning history, and downloads the latest publickey list, object ID hotlist and valid ID range list. This connection maybe automatic (and invisible to the user), or may be initiated by theuser, for example, when the scanner is placed in a dockingstation/charger.

Product scanning with a Netpage pen is illustrated in FIG. 25. When auser scans a Hyperlabel tagged item with their Netpage pen, the input issent to the Netpage System, from the user's Netpage pen, in the usualway (A). To scan a product rather than interact with it, the pen can beplaced in a special mode. This is typically a one-shot mode, and can beinitiated by tapping on a <scan> button printed on a Netpage.Alternatively, the pen can have a user-operable button, which, when helddown during a tap or swipe, tells the pen to treat the interaction as aproduct scan rather than a normal interaction. The tag data istransmitted from the pen to the user's Netpage base station. The Netpagebase station may be the user's mobile phone or PDA, or it may be someother Netpage device, such as a PC. The input is relayed to theHyperlabel server (B) and then on to manufacturer server (C) in theusual way. On receipt of the input, the manufacturer serverauthenticates the object if the manufacturer is the trustedauthenticator. Alternatively the manufacturer server passes the data onto the authentication server to verify the object ID and signature (D).The authentication server sends the authentication result back to themanufacturer server (E). The manufacturer server checks the status ofthe object ID (against its valid ID lists and hotlist), and sends theresponse to the Hyperlabel server (G). The Hyperlabel server, as part ofthe Netpage system, can know the identity and devices of the user. TheHyperlabel server will relay the manufacturer server's response to theuser's phone (G) or Web browsing device (H) as appropriate. If theuser's Netpage pen has LEDs then the Hyperlabel server can send acommand to the user's pen to light the appropriate LED(s) (I,J).

The interaction detail for scanning with a Netpage pen is shown in FIG.26. The Netpage pen clicks on the Hyperlabel tagged product. The Netpagepen sends the pen id, the product's tag data and the pen's location tothe Hyperlabel server. If the pen ID is not already associated with ascanner, the Hyperlabel server may create a new scanner record for thepen, or may use the pen ID as a scanner ID. The Hyperlabel server sendsthe scanner ID, tag data, and scanner location (if known) to themanufacturer server, which performs authentication (either itself or viaa third party authentication server) and determines the object status.The response is then sent back to the Hyperlabel server, and on to theuser's default Web browsing device.

Security Tagging and Tracking Object Model

The Security Tagging and Tracking object model revolves aroundHyperlabel tags, object IDs, and signatures. FIG. 36 illustrates themanagement and organisation of these objects.

As shown in FIG. 27, a Hyperlabel tag comprises a tag type, object ID,two-dimensional position and a signature fragment. The tag typeindicates whether this is a tag on a common object, or whether the tagis on a special type of object such as a currency note or apharmaceutical product. A signature fragment has an optional fragmentnumber which identifies the fragment's place within the full signature.

Currency notes are identified by a note ID. The note ID comprises notedata and a serial number. The note data identifies the type of currency,the country of issue, the note denomination, the note side (front orback) and other currency-specific information. There are two note IDsfor each physical bank note—one for each side of the printed note. TheNote ID class diagram is shown in FIG. 28.

Object Description, ownership and aggregation class diagram is shown inFIG. 29. This is described in more detail above.

The Object Scanning History class diagram is shown in FIG. 30. An objecthas an object scanning history, recording each time the scanner scans anobject. Each object scanned event comprises the scanner ID, the date andtime of the scan, and the object status at the time of the scan, and thelocation of the scanner at the time the object was scanned. The objectstatus may be valid, stolen, counterfeit suspected, etc. If known, theobject owner details may also be recorded.

A scanner has a unique scanner ID, a network address, owner informationand a status (e.g. on-line, off-line). A scanner is either a mobilescanner, whose location may vary, or a fixed scanner, whose location isknown and constant. A scanner has a current location, comprising thelocation details and a timestamp. A scanner may be a Netpage pen, inwhich case it will be associated with a Netpage Pen record. If a scannerin off-line, it will keep an object scanning history, and willoptionally store a public key list, a valid ID range list and an objectID hotlist. The scanner class diagram is shown in FIG. 31.

The manufacturer, or other central authority, maintains a number ofObject ID Hot Lists, each with a unique list ID, and the time the listwas last updated. Each hot list comprises a list of suspect object IDs,comprising the object ID, date, time, status (suspected counterfeit,stolen, etc.) and other information. The Object ID Hot List classdiagram is shown in FIG. 32.

The manufacturer, or other central authority, maintains a list of validID ranges. Each valid object ID range entry in the list comprises thestart object ID and end object ID (the valid ID range) and the time theentry was updated. The Valid ID Range List class diagram is shown inFIG. 33.

The manufacturer, or other central authority, maintains a public keylist. The public key list consists of a number of entries identifyingthe public key for a range of Object IDs. Each valid object ID rangeentry comprises the update time for the entry, the start object ID forthe range, the end object ID for the range, and the public keyapplicable to each object ID in the given range. The Public Key Listclass diagram is shown in FIG. 34.

Object authentication may be performed by the manufacturer, or by athird-party trusted authenticator. A trusted authenticator has anauthenticator ID, name and details. A trusted authenticator holds a listof public-private key pairs, each associated with one or more ID ranges.This is a list of object ID ranges (identified by the start and end ID)and the corresponding public/private signature key pair. A trustedauthenticator also holds a list of secret signatures, and a list ofpublic-key signatures. Each public-key signature identifies the actualsignature and/or the padding used to generate the signature. Each secretsignature and public-key signature is associated by object ID with aunique object. The Trusted Authenticator class diagram is shown in FIG.35.

Security Document Scanners

Hyperlabel scanners can be built into a variety of devices. Scanners maybe fixed or mobile. A fixed scanner has a permanent, known location. Amobile scanner has no fixed location. A scanner may be on-line, i.e.have immediate access to the central database, or it may be off-line.

Hyperlabel scanners can determine both the validity and the value ofcurrency. Their determination of a note's validity is more definite andmore secure than current methods, and can be implemented at lower cost.

Scanners may be specific to a particular product application, such as acurrency counter, or may be a generic Hyperlabel scanner. Hyperlabelscanners may be embedded in other multi-function devices, for example, amobile phone or PDA. Such scanners are multi-purpose since they can alsobe used to scan hyperlabelled consumer goods and printed materials. Asmall hand-held scanner may also be used to scan and validate currency.When a scanner scans a note it notifies the currency server of the notedetails, the current date and time, and the scanner location (if known).Optionally the scanner may also send the identity of the person makingthe cash transaction, if known. This information would be available inrespect of bank transactions, currency exchanges and large cashtransactions.

Accordingly, hyperlabel currency tags can be read using many types ofdevice, including:

-   -   Currency counters    -   Automated teller machines    -   Cash registers    -   POS checkouts    -   Mobile phone with inbuilt scanner    -   Hyperlabel pens    -   Vending machines

The Hyperlabel technology used in these devices can be implemented in awide range of applications. As a result, the development and deploymentcosts can be shared by the key stakeholders. Of the seven types ofscanner listed, only the currency counters and vending machines arespecific to currency. The other five are also used for scanning consumergoods and printed materials.

Hyperlabel scanners built into a variety of products will include thefollowing features, currently under development at Silverbrook Research.

-   -   An infrared image sensor to read the Hyperlabel tags that        uniquely identify each note.    -   A 32 bit RISC processor with 20 megabits of secure code space        signed using 2048 bit RSA cryptography.    -   A highly secure processor with cryptographic and physical        security features for verifying the cryptographic signature on        Hyperlabel tags (under development at Silverbrook Research).    -   Infrared optics, including filters tuned to the Hyperlabel ink        infrared spectrum.    -   A real-time clock to verify the time of each transaction        reported.    -   Software to decode the Hyperlabel tags, record the details of        each scan, to validate each note scanned, and to facilitate        automatic and secure communications with an online database.    -   Communications systems to create secure network connections to        the central currency verification database.

Various of the Hyperlabel scanners described below are also planned toinclude the following units:

-   -   An inbuilt display and data entry mechanism to indicate to the        operator the amount of money counted, notes that are suspected        of being counterfeit, and the identity of the person requesting        reportable cash transactions.    -   A cache of the serial numbers of all known counterfeit and        stolen notes.    -   Other spectral filters tuned to the secure currency ink spectrum        (which differs from the commercially available Hyperlabel ink).    -   A GPS tracker to verify the location of the currency counter at        the time of use.        Currency Counters

A Hyperlabel currency counter with an inbuilt infrared scanner can beused to automatically scan, validate, and log each note in the centralcurrency database as it is counted. An example of the implementation ofthis is shown in FIG. 37.

These units could replace existing currency counting machines now in usein banks, in foreign exchange offices, in bill payment agenciesaccepting cash payments, and in immigration offices at internationalairports.

As a currency scanner has no other obvious application other thancurrency. It does not need to communicate with any database other thanthe government currency database. A currency scanner may operate at highspeed, requiring excess dataline bandwidth and transaction processing.To overcome this, the banknote validity data can be locally cached, andupdated whenever it changes. Information on scanned notes is sentperiodically in an encrypted form. Although the banknote locationupdates may be sent periodically security and timeliness for detectionare not compromised. This is because data on any counterfeit or stolennotes could be sent immediately. The time of the scan is locallydetermined and accurately included in the data packet, and the list ofcounterfeit and stolen notes is updated as soon as the information isavailable.

Automated Teller Machines

An Automatic Teller Machine (ATM) is a relatively simple case, as it istypically not used for depositing cash, only dispensing it. Accordingly,they are not required to validate the notes. Notes can be validated andlogged using a currency counter when they are placed into the ATM.

ATMs can be equipped with Hyperlabel scanners, which register notes asthey are loaded into, as well as taken out of, the ATM. As well asproviding currency tracking features, this will also reduce theft of,and from, ATMs. This is because the money taken from the ATM will betracked, and as soon as the theft is reported, the money will berecorded in the central database as stolen.

Thus, as shown in FIG. 38, the ATM can track the details of the accountfrom which the funds were withdrawn. This allows the particular notesdispensed to be logged as stolen if the real account holder notifies thebank of fraudulent transactions involving lost or stolen cards.

Cash Registers

Cash registers can have an add-on or built-in currency scanner for asmall additional cost per unit. The notes are scanned as they are putinto, or taken out of, the cash drawer. This also aids verification thatthe correct amount of money has been tendered, and the correct changegiven.

Tracking currency in and out of cash registers can enhance the safety ofshop attendants. Once criminals become aware that stolen cash will beimmediately recorded as stolen, then the incidence of theft should besignificantly reduced.

As shown in FIG. 39, this is typically achieved by having the cashregister communicate with a secure currency server, via a Hyperlabelserver and a local shop database. Thus, the cash register can transferinformation regarding transactions to the local database, whichdetermines if local verification is sufficient, or if global validationor the like is required. Thus, for example, offline authentication maybe used for transactions below a certain threshold required for

In this latter case, a request for verification or the like can berouted to the Hyperlabel server, which will then determine an associatedsecure currency, and route the request accordingly, allowing the securecurrency server to perform authentication using the online

Hyperlabel Supermarket Checkout

One of the major applications of Hyperlabel is in consumer packagedgoods, where it has the potential of being the ‘next generation barcode’ allowing automatic tracking of individual grocery items. Thisapplication requires automatic supermarket checkouts that scan productsfor Hyperlabels. These checkouts will be able to read currencyHyperlabel tags. This allows the currency to be tracked, but alsosimplifies payment, as the amount of money tendered is simply determinedby passing it through the Hyperlabel scan field.

An example of a hyperlabel supermarket checkout is shown in FIG. 40,with examples being described in more detail in our copendingapplication number [cross ref any application describing hyperlabelcheckout], the contents of which is incorporated herein by crossreference.

Mobile Phone with Inbuilt Scanner

A mobile phone that has an inbuilt infrared scanner to scan and validateeach note can be used in a range of locations where money counting isnot a normal function. It is also used for other inventory managementand validity checking applications, such as pharmaceutical security,forensic investigations, policing trademark infringement, andstocktaking, and is intended for wide distribution.

Tracking currency in and out of cash registers can enhance the safety ofshop attendants as criminal activity should be affected by therealization that all notes taken from a cash register will beimmediately registered as stolen, and that the criminal will run therisk of being caught just by using that cash in everyday transactions orby holding the cash.

Handheld Validity Scanner

Handheld Hyperlabel validity scanners may also be used where currencycounters are not required or suitable. These devices are expected to besignificantly more common than currency counters, as they have multipleuses, and will be much cheaper. An example of a handheld validityscanner is shown in FIG. 41, and described in more detail in copendingapplication number [cross ref any application describing validityscanner], the contents of which is incorporated herein by crossreference.

An example of communications used in implementing a second example of ahandheld scanner is shown in FIG. 42.

The validity scanner has multiple uses, including pharmaceuticalsecurity, brand-name security, stocktaking, forensic investigations, andpolicing. As it is not a dedicated currency device. It does notcommunicate directly with the government currency server as otherwise,large numbers of non-currency related messages would need to be routedthrough that server. Instead, it communicates directly with commercialHyperlabel servers, and any currency related validation requests arepassed on to the government server. To reduce the transaction load onthe government server, note related information can be cached at theHyperlabel server, much as they are cached in the currency counters.

The link to the database would typically be relayed over a radio link toallow local mobility. The radio link can be WiFi, GPRS, 3G mobile,Bluetooth, or other IP link, as appropriate. Internet transactions aresecured using encrypted packets.

Hyperlabel Pen

The Hyperlabel pen is a miniature low cost scanner for consumer andbusiness use. It uses an infrared image sensor, instead of a laserscanner, and scans a Hyperlabel tag whenever it is clicked against asurface.

Details of Hyperlabel pens are described for example in copending patentapplication number [cross ref any application describing pen], thecontents of which are incorporated herein by cross reference.

These pens are intended for high volume consumer use, with intendeddistribution exceeding 100 million units. While its primary applicationis a wide range of ‘interactive paper’ and computer peripheral uses, italso allows consumers to verify Hyperlabel tags printed on currency,pharmaceuticals, and other objects. The Hyperlabel network will bemanaged by dedicated Hyperlabel servers, and any currency scans fromHyperlabel pens will be routed through these servers to a single logicalconnection to the Currency Servers. Because the costs are borneelsewhere, a huge number of currency validation and logging points canbe added to the network at negligible incremental cost.

The pens do not have a display device, and are intended to be used inconjunction with a device with a display capability and a networkconnection, as shown in FIG. 43. As validation is a secondary functionof the pens, they do not communicate directly with the currencydatabase, and instead transfer requests via a relay device. Only a smallfraction of pen hits (much less than 1%) are expected to be related tocurrency validation. The pens communicate by radio (typically Bluetooth)to the relay, which may be a computer, a mobile phone, a printer, orother computing device.

This relay device communicates, in turn, with the Hyperlabel server. Ifthe Hyperlabel server determines that the pen has clicked on a currencytag, the click is interpreted as a validation query, which is thenforwarded to the appropriate currency server. The currency server logsthe identity and the network location of the pen that clicked on thenote, as well as other data such as the note serial number, the time andthe date. The physical location of the pen is typically unknown, asHyperlabel pens usually do not include a GPS tracker. The currencyserver passes the validation message back to the Hyperlabel server,which formats the message for the display device that relayed themessage from the pen.

Vending Machine

For a small additional cost, Hyperlabel scanners can also be added tovending machines to securely determine both the validity and the valueof a note, as shown in FIG. 44. They also reduce the risk of currencytheft from the vending machine. Vending machines are somewhatcomplimentary to ATMs—they accept notes, but do not dispense them.

Hyperlabel scanners send data to a remote secure server for storage andinterpretation. A direct wireless or wired link can be establishedbetween the server and a scanner for communication. Alternatively, thescanners can communicate with the secure server indirectly through acompanion device such as a point of sale (POS) terminal, a mobile phone,or computer. The database can be updated by scanners operating online inreal-time, or periodically using batch file downloads. High speedscanners can cache lists of counterfeit and stolen notes locally, toreduce network traffic.

The validation messages can go directly to the currency server, or viathe server of the company which owns and operates the vending machine.The vending machine can be configured to automatically reject any stolenor counterfeit notes. It is possible to display the status of the note(i.e. stolen or counterfeit) on most vending machines, and it ispossible that this would act as a further crime deterrent—for even ahumble vending machine can conspicuously identify dubious currency. Itshould only report this when the certainty is 100%. On lowercertainties, it can simply reject the note without stating why, as isthe current practice for vending machines.

Security Features

Hyperlabel currency security features include:

-   -   Notes can be tracked whenever they are scanned—at banks,        supermarket checkouts, vending machines, cash registers, and low        cost home scanners.    -   The unique range of currency tag numbers can be printed only by        the government printing agency.    -   Currency IR ink with unique spectral properties, can be made        available only to government printing agencies.    -   Note serial number printed in tag must match printed serial        number.    -   Tags are printed all over both sides of the note.    -   Tags vary across the note—a forger must match the thousands of        tags printed on any note.    -   Additional proprietary security features not disclosed in this        document.    -   The ability to determine both the validity and the value of        currency.        Security Requirements

For a low risk currency anti-forgery system, it is only necessary tomake it uneconomic. That is, all that is required is that the cost offorging a note exceeds the face value of the note, taking intoconsideration likely advances in technology. A good system should alsomake it easy to detect and track counterfeiters and money launderers.The Hyperlabel system offers a practical solution that meets theseobjectives.

Table 6 outlines various levels of counterfeiting skill, and thecorresponding ability of the Hyperlabel system to detect counterfeitcurrency.

TABLE 6 Scanner reports Counterfeit Counterfeiter probability of levelcharacteristic Note characteristic counterfeit Photocopy Casual forgerNo Hyperlabel tags 100% certainty Hyperlabel Home forger, usingHyperlabel tags are 100% certainty printer computers and printerspresent, but they are not valid currency codes. Sophisticated - Skilfulforger who creates Tag serial number 100% certainty computer a computersystem to does not match systems generate a sequence of cryptographicexpert Hyperlabel tags signature in tag Sophisticated No access tospecial ink Hyperlabel currency 100% certainty using tags printed withcurrency counters. commercial Some scanner types Hyperlabel IR ink (e.g.Hyperlabel instead of secure pens) do not detect currency IR ink thespecial ink High level Highly skilled forger who Hyperlabel tags do 100%certainty forgery copies a tag from a note, not vary correctly andreplicates it across over the note the note using illegally obtainedsecure IR ink Perfect Conventional, highly 100,000 copies of an 99.999%certainty on forgery skilled forger who existing note that are any note,as the meticulously copies every perfect in all respects, 100,000forgeries dot on the whole note, including ink and all- cannot be andprints them with over pattern of valid distinguished from illegallyobtained secure tags. All 100,000 the original valid IR ink notes havethe same note. The forgeries serial number are easily detected by humansdue to repeating serial numbers. Perfect Conventional, highly 100,000copies of an 100% certainty (with forgery (with skilled forger whoexisting note that are aid of operator different perfectly copies everydot perfect in all respects, verification of printed serial on the wholenote, then but 100,000 notes all serial number) numbers) ensures thatthe printed have different serial serial numbers increment. numbersLarge scale A massive effort, where No more than one 50% certainty onany effort many notes are collected, copy of any existing one note - asthe (uneconomic) and each note is note is printed, but single forgerycannot individually analysed and that copy is perfect in bedistinguished from duplicated. all respects. The the original. forgersanalyse and However, a pattern of copy one note at a duplications wouldtime. be evident if more than one forged note was passed at a time.Benefits of a Hyperlabel Security Document SystemTheft

Hyperlabel scanners report the locations of banknotes to a centralsecure database. Repositories of cash—banks, ATMs, cash registers,armored trucks, personal safes—that are equipped with Hyperlabelscanners have records of all of the serial numbers of the notes thatshould be in the repository. Whenever cash is stolen from such arepository, the central database operator can be notified, and the notescarrying the serial numbers will rapidly be registered as stolen. As therecords are kept in a remote secure location (i.e. the centraldatabase), the records will not be stolen along with the cash.

The stolen status is rapidly and automatically disseminated to a hugenumber of outlets as varied as financial institutions and retailers.Each of those outlets will be able to rapidly, accurately andautomatically identify stolen notes as part of their standardcash-handling procedures.

The stolen status is also rapidly and automatically disseminated torelevant agencies such as Customs, Immigration and Police, Hence lawenforcement officers will be armed with mobile scanners that canaccurately and immediately ascertain the status of suspect notes.

Once the stolen cash is used anywhere there is a Hyperlabel scanner, thecash will be identified as stolen. This places the thief in high dangerof being caught. It would thus be very difficult for a thief to disposeof any significant amount of stolen cash.

Hyperlabel scanners can assist in the reduction of theft in manysituations, including:

-   -   Bank and armored truck robbery: all notes would be immediately        ‘marked as stolen’ as soon as the thieves left the scene of the        crime.    -   Retail shops: late night shops, such as 7-eleven and gas        stations—are notoriously victims of small scale armed and        unarmed robberies. The reduction of this kind of theft should        make these occupations substantially safer.    -   For similar reasons, ATMs, personal and company safes, vending        machines, would all become significantly more secure.        Drug Dealing

Indirectly, this could also limit the activities of drug dealers. At thestreet level, many notes used to pay for drugs may be registered asstolen. As the number of these stolen notes accumulates, the cash flowpattern will be identified as suspicious. Therefore, drug dealers wouldwant to be able to verify that any money paid to them was not stolen orcounterfeit.

Ironically, drug dealers will not be able to use Hyperlabel scanners toverify the status of cash they are paid with, without also running therisk of being caught. If a drug dealer was frequently verifying largeamounts of cash, where a large percentage of that cash was stolen, theycould be investigated for money laundering.

Counterfeiting

As well as assisting in the apprehension of criminals, the collection ofthis data also allows the detection of sophisticated forgeries where theHyperlabel dot patterns are exactly duplicated. This is because therewill be multiple copies of exactly forged notes—at least the originaland the forgery. For example, if multiple identical notes appear indifferent places at the same time, all but one of those notes must be aforgery. This applies even if the note is an absolutely perfect forgery,as no two Hyperlabel tags should ever be the same. An heuristicdetermines whether the appearance of a particular note in differentplaces in quick succession is feasible. If successive appearances of anote are determined to be infeasible, the presence of a forgery isindicated.

Money Counting

Because the hyperlabel tags encode the denomination of currency, thisallows money to be counted solely on the basis of hyperlabel detection.This avoids the need for the detection and interpretation of a visiblenumeral, which typically requires complex image processing to beperformed, especially if the quality of the note is degraded due toextensive use.

It will be appreciated that in addition to this, as the denomination isrepeated substantially over the entire currency, this ensures that thecurrency value can be determined even if a large portion of the note isdamaged.

Money Laundering

As discussed in the background, there are two claim stages in moneylaundering, namely placement and wiring and integration.

It will be appreciated that by providing for tracking of each individualnote utilising the Hyperlabel system described above, this makes itextremely difficult for placement to be carried out, primarily as eachindividual note can be tracked throughout its life. Accordingly, largeamounts of currency suddenly entering into the circulation will beeasily detectable primarily as there will be a break in the history ofthe note.

Thus, the system can utilise Patent detection algorithms to identifywhen large volumes of currency either exit or enter into circulationthereby identifying potential sources of money laundering. In additionto this however currency in which has a certain times been owned bycertain individuals can also be tracked. This allows Patents within anindividual's accounts usage to be determined which also helps identifymoney laundering.

Meeting Regulatory Requirements

It will be appreciated that by providing a database which can be used totrack all currency, this allows banks to ensure regulatory requirementsare satisfied. To even further aid with this, rules can be defined whichrepresent the regulatory requirements. In this instance, when atransaction is to be performed, the transaction can be compared to thepredetermined rules to determine if the transaction is allowable. Thiswill effectively prevent unallowable transactions occurring therebyensuring that the banks meet the regulatory requirements.

Cross Boarder Controls

In order to provide for cross boarder control, it is merely necessary tocontinuously monitor the location of currency documents. If currencydocuments on subsequent transactions are provided in different locationsthis indicates that the currency has been physically moved therebyallowing cross boarder currency movements to be determined.

Security Document Transfer

It will be appreciated that as the security document can be representedwholly electronically, by use of the identity and correspondencesignature, it is possible to electronically transfer security documents.In this instance, specialised transfer machines can be provided whichoperate to destroy a currency document upon receipt. The document can beconverted to an electronic form by identifying the correspondingdocument layout and tag map used to place the coded data thereon. Thisinformation can then be transferred to a corresponding machine inanother location allowing the security document to be reproduced. Thus,the security document may transferred to one location to anotherlocation in an electronic form by ensuring that only one securitydocument is produced this prevents document duplication whilst allowingsecure transfer.

Advantages of a Hyperlabel Security Document System

The proposed Hyperlabel solution can be implemented to bring manyadvantages. Some of these include:

-   -   Unobtrusive to the public    -   Follows existing cash handling processes    -   Reduces reliance on paper trails    -   Provides a strong deterrent for accepting counterfeit currency    -   Provides a strong deterrent for laundering large amounts of cash    -   Efficient way to share resources across national and        international agencies    -   Improves confidence in the financial system    -   Limits the possibility of inexplicable changes in money demand    -   Reduces risk to integrity of financial institutions    -   Helps banks implement and automate due diligence methods for        cash transactions

There are several major advantages of Hyperlabel currency tags overother existing forms of note validation such as RFID, including:

-   -   Hyperlabel tags are invisible, so they do not affect note design        or graphics.    -   Hyperlabel tags can be implemented at very low cost—the tags are        just ink and are printed while the notes are still in roll form,        directly after the visible inks are printed.    -   Hyperlabel tagged currency is extremely difficult to forge.    -   Hyperlabel tags are printed over the entire note surface in a        highly redundant and fault tolerant manner.    -   Hyperlabel tags are very unlikely to become unreadable due to        note damage.    -   Hyperlabel tags can be scanned using a variety of scanners.    -   Currency location and reportable cash transaction data are        automatically collected.

Hyperlabels support omnidirectional reading, they can protect privacy,they can be produced for a low cost, and the ability of the scanners toread the tags is independent of packaging, contents, or environmentalconditions.

One of the most effective methods to reduce the counterfeit risksconsidered above, is the introduction of a new form of currencyincorporating a machine readable code, and the means to validate notesat key points where cash transactions occur. Counterfeit notes couldthen be detected at banks, currency exchanges, airports, retailers andbill payment service providers accepting cash payments. That is, thegoal would be to identify and reject counterfeit notes before they enterthe monetary system.

Counterfeit notes can vary in quality—depending on the level of skill ofthe counterfeiter and the choice of technology. Hyperlabel providessecurity against the full range of efforts—from casual forgery on acolor photocopier, through to multi-million dollar efforts byprofessional criminals.

By implementing a Hyperlabel system, it becomes possible to monitor andforecast national and international cash flow changes, as well asprovide alerts for any abnormal patterns that could lead to unwantedmacroeconomic outcomes.

An automated Hyperlabel system aids with the record keeping, andprovides the basis for additional ways to identify ‘suspiciousactivities’ involving cash that can occur.

In comparison, Hyperlabel tags can be produced at a low cost. They canbe printed all over the surface of a note (redundancy) and they are easyto read. The IR ink ‘tags’ will not be damaged by folding, washing,physical impact or electrostatic shock, and cannot be torn out of thenote. They can be used and read in the presence of radiopaque materials.They support omnidirectional reading, as well as very low cost proximityreaders. Hyperlabel tags cannot be read while in the wallets ofcitizens, so do not present a threat of covert scanning providinginformation to criminals. This should make Hyperlabel tagged currencyacceptable to privacy advocates concerned about the ability to readnotes without the knowledge of the owner. They also meet current andanticipated regulations and guidelines for national and internationalagencies. An overview of the key components of a Hyperlabel systemneeded to achieve these objectives is provided in the next section.

Socioeconomic Consequences

Although there are significant advantages in implementing a Hyperlabelsolution, there are also socioeconomic consequences that need to benoted.

Of primary concern is the consequence of Hyperlabel becoming a pervasivecounterfeit detection and cash flow tracking system. This couldeffectively and materially hamper the activities of organized crime andterrorists relying on counterfeiting or laundering cash and it couldprove to be disruptive as criminals find alternative methods to supporttheir activities.

In this context, further questions ought to be considered beforeproceeding with implementation. Some of these include:

-   -   Will crime move to less regulated and less developed nations        causing further decline in their socioeconomic status?    -   Will electronic crime become more sophisticated?    -   How will Hyperlabel alter the structure of criminal and        terrorist networks?    -   The cash economy is often used by small businesses as a form of        tax evasion—what, if anything, will replace this once cash        becomes traceable?        Related Applications

The Hyperlabel infrastructure can also be used to validate and trackother ‘secure documents’ where the value of the document is based uponwhat it represents, rather than what it contains. Some examples are:

-   -   Government checks    -   Bank issued checks    -   Bearer bonds    -   Stock certificates    -   Lottery tickets    -   Event tickets    -   Passports    -   Medical certificates    -   Postage stamps    -   Food stamps

The Hyperlabel infrastructure is also shared with other applications,such as grocery tracking and interactive documents.

1. A method of printing a security document having a security feature,the method including: receiving the security document; receivingidentity data, the identity data being at least partially indicative ofan identity of the security document, the identity data being encryptedusing a public key; determining the identity by decrypting the receivedidentity data using a secret key associated with the public key;generating a signature using the determined identity, the signaturebeing a digital signature of at least part of the identity; generatingcoded data at least partially indicative of: the identity of thesecurity document; and, at least part of the signature; and, printingthe coded data on the security document.
 2. A method according to claim1, wherein the security document includes visible information, andwherein the method includes overprinting the coded data on the visibleinformation.
 3. A method according to claim 1, wherein a secure datastore is used for storing document data and where the method includesgenerating the signature using the data stored in the data store.
 4. Amethod according to claim 1, wherein the method includes encoding theentire signature within a plurality of coded data portions.
 5. A methodaccording to claim 1, wherein the method includes: determining a layout,the layout being at least one of: a coded data layout, the layout beingindicative of the position of each coded data portion on the securitydocument; and, a document description, the document description beingindicative of the position of the visible information on the packaging;and, prints, using the layout, at least one of the coded data and thevisible information.
 6. A method according to claim 1, wherein acommunication system is used for communicating with a database, thedatabase storing data relating the security, including at least one of:a currency note attribute including at least one of: currency; issuecountry; denomination; note side; printing works; and serial number; acheck attribute including at least one of: currency; issuinginstitution; account number; serial number; expiry date; check value;and limit; a card attribute including at least one of: card type;issuing institution; account number; issue date; expiry date; and limit.7. A method according to claim 6, wherein the method includes, at leastone of: updating at least some of the data relating to the securitydocument; and, generating the coded data using at least some of the datarelating to the security.
 8. A method according to claim 1, wherein thesignature is a digital signature of at least part of the identity and atleast part of predetermined padding, the padding being at least one of:a predetermined number; and, a random number.
 9. A method according toclaim 1, wherein the coded data includes a plurality of layouts, eachlayout defining the position of a plurality of first symbols encodingthe identity, and a plurality of second symbols defining at least partof the signature.
 10. A method according to claim 1, wherein the codeddata is substantially invisible to an unaided human.
 11. A methodaccording to claim 1, wherein the coded data is printed on the surfaceusing at least one of: an invisible ink; and, an infrared-absorptiveink.
 12. A method according to claim 1, wherein the coded data isprovided substantially coincident with visible human-readableinformation.
 13. A method according to claim 1, wherein at least some ofthe coded data portions encode at least one of: a location of therespective coded data portion; a position of the respective coded dataportion on the surface; a size of the coded data portions; a size of asignature; an identity of a signature part; and, units of indicatedlocations.
 14. A method according to claim 1, wherein the coded dataincludes at least one of: redundant data; data allowing errorcorrection; Reed-Solomon data; and, Cyclic Redundancy Check (CRC) data.15. A method according to claim 1, wherein the digital signatureincludes at least one of: a random number associated with the identity;a keyed hash of at least the identity; a keyed hash of at least theidentity produced using a private key, and verifiable using acorresponding public key; cipher-text produced by encrypting at leastthe identity; cipher-text produced by encrypting at least the identityand a random number; and, cipher-text produced using a private key, andverifiable using a corresponding public key.
 16. A method according toclaim 1, wherein the security document is at least one of: a currencynote; a check; a credit or debit card; a redeemable ticket, voucher, orcoupon; a lottery ticket or instant win ticket; and, an identity card ordocument, such as a driver's license or passport.
 17. A method accordingto claim 1, wherein the coded data is arranged in accordance with atleast one layout having n-fold rotational symmetry, where n is at leasttwo, the layout including n identical sub-layouts rotated 1/nrevolutions apart about a centre of rotation, at least one sub-layoutincluding rotation-indicating data that distinguishes that sub-layoutfrom each other sub-layout.
 18. A method according to claim 1, whereinthe coded data is arranged in accordance with at least one layout havingn-fold rotational symmetry, where n is at least two, the layout encodingorientation-indicating data comprising a sequence of an integer multiplem of n symbols, where m is one or more, each encoded symbol beingdistributed at n locations about a centre of rotational symmetry of thelayout such that decoding the symbols at each of the n orientations ofthe layout produces n representations of the orientation-indicatingdata, each representation comprising a different cyclic shift of theorientation-indicating data and being indicative of the degree ofrotation of the layout.
 19. A printer for printing a security documenthaving a security feature, the printer being for: receiving the securitydocument; receiving identity data, the identity data being at leastpartially indicative of an identity of the security document, theidentity data being encrypted using a public key; determining theidentity by decrypting the received identity data using a secret keyassociated with the public key; generating a signature using thedetermined identity, the signature being a digital signature of at leastpart of the identity; generating coded data at least partiallyindicative of: the identity of the security document; and, at least partof the signature; and, printing the coded data on the security document.